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Description 

BACKGROUND OF THE INVENTION 

1 . Field of the Invention 

[0001] The present invention is directed toward the 
field of redirecting information between a host system 
and a mobile data communication device. 

2. Description of the Related Art 

[0002] Present systems and methods for replicating 
information from a host system to a user's mobile data 
communication device are typically "synchronization" 
systems in which the user's data items are warehoused 
(or stored) at the host system for an indefinite period of 
time until the user synchronizes the mobile device to the 
host system. In these types of systems and methods, 
when replication of the warehoused data items to the 
mobile device is desired, the user typically places the 
mobile device in an interface cradle that is electrically 
connected to the host system via some form of local, 
dedicated communication, such as a serial cable or an 
infrared or othertype of wireless link. Software executing 
on the mobile data communication device then transmits 
commands via the local communications link to the host 
system to cause the host to begin transmitting the user's 
data items for storage in a memory bank of the mobile 
device. 

[0003] In these synchronization schemes, the mobile 
unit "pulls" the warehoused information from the host sys- 
tem in a batch-mode each time the user desires to rep- 
licate information between the two devices. Thus, the two 
systems (host and mobile) maintain the same data items 
only after a user-initiated synchronization sequence. 
[0004] A general problem with these synchronization 
systems is the fact that the data in the mobile device is 
only current at the moment of synchronization with the 
host. Five minutes later a new message could be sent to 
the user, but the user would not receive that message 
untii the next time the systems are synchronized. Thus, 
a user may fail to respond to an emergency update or 
message because the user only periodically synchroniz- 
es the system, such as once per day. 
[0005] Other problems with these systems include: (1 ) 
the amount of data to be reconciled between the host 
and the mobile device can become large if the user does 
not "synchronize" on a daily or hourly basis, leading to 
bandwidth difficulties, particularly when the mobile de- 
vice is communicating via a wireless packet-switched 
network; and (2) reconciling large amounts of data, as 
can accrue in these batch-mode synchronization sys- 
tems, can require a great deal of communication between 
the host and the mobile device, thus leading to a more 
complex, costly and energy-inefficient system. 
[0006] Thus, there is a general need in this field for a 
more automated, continuous, efficient, flexible, and reli- 
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able system of ensuring that user data items are repli- 
cated (in real time) at the user's mobile device. 
[0007] WO-01/22669 discloses a method of redirect- 
ing data items from a messaging host system to a user's 
5 mobile device according to the preamble of the independ- 
ent claims. 

[0008] US 6,229,894 relates to a method and appara- 
tus for accessing user specific encryption information, 
based on the identity of a requesting entity and/or the 

10 type of request, a server determines the requesting en- 
tity's authorized level of access to user specific encryp- 
tion information. Based on the authorized level of access, 
the requesting entity is provided with controlled access 
to the user specific information. 

75 [0009] A common problem encountered in securing 
the communications during redirecting data items from 
a messaging host system to a user's mobile device re- 
lates to providing the required decryption key to the mo- 
bile device. 

20 

SUMMARY OF THE INVENTION 

[0010] A system and method for redirecting data items 
from a messaging host system to a user's mobile device 

25 upon sensing a triggering event is provided. A redirector 
program operating at the host system enables a user to 
continuously redirect certain user-selected data items 
from the host system to the user's mobile data commu- 
nication device upon detecting that one or more user- 

30 defined triggering events has occurred. The redirector 
program operates in connection with event generating 
applications and repackaging systems at the host system 
to configure and detect a particular user-defined event, 
and then to repackage the user-selected data items in 

35 an electronic wrapper prior to pushing the data items to 
the mobile device. 

[0011] Using the redirector program, the user can se- 
lect certain data items for redirection, such as E-mail 
messages, calendar events, meeting notifications, ad- 

40 dress entries, journal entries, personal reminders etc. 
Having selected the data items for redirection, the user 
can then configure one or more event triggers to be 
sensed by the redirector program, which then initiates 
redirection of the user data items upon sensing one or 

45 more of the event triggers. These user-defined trigger 
points (or event triggers) may be external events, internal 
events or networked events. Once an event has triggered 
redirection of the user data items, the host system then 
repackages these items in a manner that is transparent 

so to the mobile data communication device, so that infor- 
mation on the mobile device appears similar to informa- 
tion on the user's host system. 

[0012] The redirector program may further provide a 
set of software-implemented control functions for deter- 
55 mining the type of mobile data communication device 
and its address, for programming a preferred list of mes- 
sage types that are to be redirected, and for determining 
whether the mobile device can receive and process cer- 
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tain types of message attachments, such as word proc- 
essor or voice attachments. The mobile device control 
functions are initially set by the user of the mobile device 
at the host system. These functions can then be altered 
on a global or per message basis by transmitting a com- 
mand message from the mobile device to the host sys- 
tem. 

[0013] The redirector program may further execute on 
a network server, and the server is programmed to detect 
numerous redirection event triggers over the network 
from multiple user desktop computers coupled to the 
server via a local-area-network ("LAN"). The server can 
receive internal eventtriggers from each of the userdesk- 
tops via the network, and can also receive external event 
triggers, such as messages from the users' mobile data 
communication devices. In response to receiving one of 
these triggers, the server redirects the user's data items 
to the proper mobile data communication device. This 
alternative configuration could also include an Internet 
or Intranet-located web server including the redirector 
program that could be accessible through a secure Web 
page or other user interface. In this configuration, the 
redirector program could be located on an Internet Serv- 
ice Provider ("ISP") system or an Application Service Pro- 
vider ("ASP") system, and the userwould configure (and 
reconfigure) the program controls over an Internet con- 
nection to the ISP or ASP system. 
[0014] The redirectorprogram may operate at both the 
host system and at the user's mobile data communication 
device. In this configuration, the user's mobile device op- 
erates similarly to the host system described below, and 
is configured in a similar fashion to push certain user- 
selected data items from the mobile device to the user's 
host system (or some other computer) upon detecting an 
eventtrigger at the mobile device. This configuration pro- 
vides two-way pushing of information from the host to 
the mobile device and from the mobile device to the host. 
[0015] A primary advantage of these configurations is 
that it provides a system and method for triggering the 
continuous and real-time redirection of user-selected da- 
ta items from a host system to a mobile data communi- 
cation device. Other advantages include: (1) flexibility in 
defining the types of user data to redirect, and in defining 
a preferred list of message types that are to be redirected 
or preferred senders whose messages are to be redirect- 
ed; (2) flexibility in configuring the system to respond to 
numerous internal, external and networked triggering 
events; (3) transparent repackaging of the user data 
items in a variety of ways such that the mobile data com- 
munication device appears as though it were the host 
system; (4) integration with other host system compo- 
nents such as E-mail, TCP/IP, keyboard, screen saver, 
Web pages and certain programs that can either create 
user data items or be configured to provide trigger points; 
and (5) the ability to operate locally on a user's desktop 
system or at a distance via a network server or through 
a secure Internet connection. 

[001 6] A method of redirecting data items from a mes- 



saging host system to a user's mobile device in accord- 
ance with an aspect of the invention comprises the steps 
of detecting a new data item for the user at the messaging 
host system, forwarding a copy of the new data item to 

5 a redirector host system, determining whether the new 
data item should be redirected from the redirector host 
system to the user's mobile device, and if the new data 
item should be redirected, then encrypting the new data 
item to form an encrypted new data item and packaging 

10 the encrypted new data item into an electronic envelope 
and transmitting the electronic envelope to the user's mo- 
bile device. A new data item is preferably also stored in 
a user's inbox coupled to the messaging host system. 
New data items may be detected at the host system by 

is determining whether a new data item has been received 
at the messaging host system for a particular user and 
checking aforwarding file coupled to the messaging host 
system to determine whether the particular user's data 
items should be redirected to the redirector host system. 

20 A set of filtering rules, which are preferably remotely con- 
figurable by a user, may be applied by the redirector host 
system in determining whether a new data item should 
be redirected to the user's mobile device. A configurable 
activation/deactivation switch is also preferably provided 

25 for turning on/off the operation of the redirector host sys- 
tem for a particular user. 

[0017] At the user's mobile device, the steps of receiv- 
ing the electronic envelope, extracting the encrypted new 
data item from the electronic envelope and decrypting 

30 the encrypted new data item to recoverthe new data item 
are performed. The decrypting step comprises the step 
of using a cipher algorithm and a decryption key to de- 
crypt the encrypted new data item. At the redirector host 
system, the encrypting step similarly involves a cipher 

35 algorithm and an encryption key. The encryption and de- 
cryption keys are generated at a computer system asso- 
ciated with the mobile device. Public key cryptographic 
operations are also contemplated. 
[0018] In a preferred embodiment, the data items are 

40 E-mail messages, and the messaging host system is an 
E-mail host system. In a further embodiment, the mes- 
saging host system is an internet Service Provider. 
[0019] According to another embodiment, a method of 
redirecting E-mail messages from a messaging host sys- 

45 tern to a user's wireless mobile device comprises the 
steps of detecting an E-mail message for the user at the 
messaging host system, forwarding a copy of the E-mail 
message from the messaging host system to a wireless 
redirector host system, receiving the forwarded E-mail 

so message at the wireless redirector host system and ap- 
plying a set of user-defined filtering rules that determine 
whether or not to redirect the E-mail to the user's wireless 
mobile device via a wireless network coupled to the wire- 
less redirector host system, and if the filtering rules de- 

55 termine that the E-mail message is of the type that should 
be redirected, then encrypting the E-mail message to 
form an encrypted E-mail message and redirecting the 
encrypted E-mail message to the user's wireless mobile 
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device by packaging the encrypted E-mail message in 
an electronic envelope that includes a wireless network 
address of the user's wireless mobile device. 
[0020] A system for redirecting data items from a net- 
work to a user's wireless mobile device in accordance 
with an aspect of the invention comprises a messaging 
host system coupled to the network for receiving data 
items associated with a particular user and f orf orwarding 
the received data items to a predetermined address on 
the network anda redi rector host system associated with 
the predetermined address for receiving the forwarded 
data items from the messaging host system and for en- 
crypting and redirecting those data items to the user's 
wireless mobile device. The messaging host system may 
include asendmail program for receiving and transmitting 
user data items and a forwarding file containing a list of 
authorized users of the system, and the predetermined 
address to which the messaging host system will forward 
each user's data items. The redirector host system pref- 
erably comprises an encryption module that encrypts the 
forwarded data items from the messaging host system, 
and the mobile device preferably comprises a decryption 
module. Encryption and decryption keys used by these 
modules may be generated and distributed via any of the 
mechanisms described above. 

[0021] A method of operating a host system may be 
configuredto redirect E-mail messages from the Internet 
to a user's wireless mobile device, the method compris- 
ing the steps of receiving an E-mail message from the 
Internet for a particular user, accessing a user profile 
database to determine whether the particular user is an 
authorized user of the host system, if the user is an au- 
thorized user, then accessing a filter rules database to 
apply a set of user-defined filtering rules to the E-mail 
message that dictate whether the E-mail message is the 
type of message that the user wants to have redirected 
to its wireless mobile device, and if the E-mail message 
clears the filtering rules, then encrypting the E-mail mes- 
sage and repackaging the encrypted E-mail message 
into an electronic envelope including the address of the 
user's wireless mobile device and forwarding the elec- 
tronic envelope to a wireiess gateway system for trans- 
mission onto a wireless data network associated with the 
user's wireless mobile device. 

[0022] A method for redirecting messages between an 
ISP host system and a plurality of mobile data commu- 
nication devices comprises the steps of configuring re- 
direction settings for one or more mobile device users at 
the host system, receiving incoming messages directed 
to a first address at the ISP host system from a plurality 
of message senders, in response to the redirection set- 
ting, continuously encrypting and redirecting the incom- 
ing messages from the ISP host system to the mobile 
data communication device via a redirector host system, 
receiving encrypted outgoing messages generated and 
encrypted at the mobile communications device at the 
redirector host system, decrypting the received encrypt- 
ed outgoing messages to recover the outgoing messag- 
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es, configuring address information of the outgoing mes- 
sages so that the first address is used as an originating 
address of the outgoing messages, and transmitting the 
configured outgoing messages to message recipients. 

5 [0023] A further method of redirecting electronic data 
items from a host system associated with a user to the 
user's mobile data communication device comprises the 
steps of configuring an external redirection event at the 
host system, wherein the external redirection event is the 

10 host system sensing whether the user is in the physical 
vicinity of the host system, receiving electronic data items 
at the host system, and if the host system senses that 
the user is not in the physical vicinity of the host system, 
then continuously encrypting the electronic data items 

is and redirecting the encrypted data items to the user's 
mobile data communication device until the host system 
senses that the user is in the vicinity of the host system. 
The sensing may be achieved by a heat sensor detecting 
a lack of heat emitted by the user, by a motion sensor 

20 detecting a lack of motion by the user, or by removal of 
the mobile device from a mobile device cradle connected 
to the host system for example. 
[0024] In a system for redirecting data items between 
a host system and a mobile communications device 

25 through a redirector system, a method of key distribution 
comprises the steps of generating an encryption key for 
encrypting data items to be redirected to the mobile de- 
vice, generating a decryption key for decrypting encrypt- 
ed and redirected data items received at the mobile de- 

30 vice, and forwarding the decryption key to the mobile 
device using a secure communications link. The steps 
of generating the encryption key and generating the de- 
cryption key may be performed at the redirector system, 
at the host system, at a computer system operatively 

35 connected to the host system or at the device. The en- 
cryption key and the decryption key may both be private 
keys, or the encryption key may be a public key and the 
decryption may be a private key of a key pair. Data items 
to be sent from the mobile device may be encrypted at 

40 the device using a second encryption key and decrypted 
when received at the redirector system using a second 
decryption key. 

[0025] A key distribution system in a system for redi- 
recting data items between a host system and a mobile 

45 communications device through a redirector system 
comprises means for generating an encryption key for 
encrypting data items prior to redirection to the mobile 
device, means for generating a decryption key for de- 
crypting encrypted and redirected data items received at 

so the mobile device, and means forforwarding the decryp- 
tion key to the mobile device using a secure communi- 
cations link. 

[0026] These are just a few of the many advantages 
of the present invention, as described in more detail be- 
55 low. As will be appreciated, the invention is capable of 
other and different embodiments, and its several details 
are capable of modifications in various respects, all with- 
out departing from the spirit of the invention. Accordingly, 
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the drawings and description of the preferred embodi- 
ments set forth below are to be regarded as illustrative 
in nature and not restrictive. 

BRIEF DESCRIPTION OF THE DRAWINGS 

[0027] The present invention satisfies the needs noted 
above as will become apparent from the following de- 
scription when read in conjunction with the accompany- 
ing drawings wherein: 

FIG. 1 is a system diagram showing the redirection 
of user data items from a user's desktop PC (host 
system) to the user's mobile data communication de- 
vice, where the redirector software is operating at 
the user's desktop PC; 

FIG. 2 is a system diagram showing the redirection 
of user data items from a network server (host sys- 
tem) to the user's mobile data communication de- 
vice, where the redirector software is operating at 
the server; 

FIG. 3 is a block diagram showing the interaction of 
the redirector software with other components of the 
host system in FIG. 1 (the user's desktop PC) to en- 
able the pushing of information from the host system 
to the user's mobile data communication device; 
FIG. 4 is a flow chart showing the steps carried out 
by the redirector software operating at the host sys- 
tem; 

FIG. 5 is a flow chart showing the steps carried out 
by the mobile data communication device to inter- 
face with the redirectorsoftware operating at the host 
system; 

FIG. 6 is a system diagram showing the redirection 
of user data items from a user's host system to the 
user's mobile data communication device, where the 
redirector software is operating at the wireless redi- 
rector host system; 

FIG. 7 is a block diagram showing the interaction of 
the redirectorsoftware with other components of the 
host system in FIG. 6 to enable the pushing of infor- 
mation from the host system to the user's mobiie 
data communications device; 
FIG. 8 is a flow chart showing the steps carried out 
by the redirector software operating at the wireless 
redirector host system. 

FIG. 9 is a block diagram showing the interaction of 
the redirector send agent software with other com- 
ponents of the host systems to enable the pushing 
of information from the host system to the user's mo- 
bile data communications device; 
FIG. 10 is a block diagram showing the interaction 
of the redirector receive agent software with other 
components of the host systems to enable the push- 
ing of information to the Internet from the user's mo- 
bile data communications device; 
FIG. 1 1 is a flowchart showing the steps carried out 
by the redirector receive agent operating at the re- 



director agent host server in the case of redirecting 
E-mail messages with domain-massaging and tag 
line customisation; 

FIG. 12 is a hierarchical view of an example of the 

5 different types of domains, represented by sites, 
which can interface with a single redirector system; 
FIG. 1 3 is a system diagram showing the redirection 
of user data items from a user's host system to the 
user's mobile data communication device, where the 

10 redirector software encrypts redirected data items; 
FIG. 14 is a system diagram similar to FIG. 13, but 
showing the redirector software as part of an inte- 
grated messaging/redirection host system; 
FIG. 15 is a block diagram showing the interaction 

is of redirector software with other components of the 
messaging host system in FIG. 14 to enable the 
pushing of information from the host system to the 
user's mobile data communications device and from 
the device to the host system; 

20 FIG. 16 is a block diagram showing the interaction 
of distributed redirector agent software components 
with other components of the host system, including 
multiple domain systems hosted by a service provid- 
er that operates the redirector software; 

25 FIG. 17 is a hierarchical view of an example of dif- 
ferent types of domains, represented by sites, which 
can interface with a single integrated redirector sys- 
tem; 

FIG. 18 is a block diagram showing the interaction 
30 of an integrated messaging/redirection software with 
other components of an external host system to en- 
able the pushing of information from the host system 
to the user's mobile data communications device 
through the integrated messaging/redirection sys- 
35 tern; and 

FIG. 1 9 is a block diagram showing a variation of the 
system in FIG. 18, wherein the redirectorsoftware 
shares messaging components with the messaging 
system. 

DETAILED DESCRIPTION OF THE DRAWINGS 

[0028] Referring now to the drawings, FIG. 1 is an ex- 
ample system diagram showing the redirection of user 

45 data items (such as message A or C) from a user's desk- 
top PC (host system) 1 0A to the user's mobile data com- 
munication device 24, where the redirectorsoftware 12 
is operating at the user's PC 10A. As used in this appli- 
cation, the term "host system" refers to the computer 

so where the redirectorsoftware is operating. The host sys- 
tem is a user's desktop PC 1 0A. Alternatively, however, 
the host system could be a networkserver (1 OB, see FIG. 
2) connected to the user's PC via a local-area network 
("LAN"), or it could be a Web server (240, see FIG. 6) 

55 operating through a secure network connection or oper- 
ating at an external ISP, orthe host system could be any 
other system that is capable of communicating with the 
user's desktop PC. 
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[0029] Message A in FIG. 1 represents an internal 
message sent from desktop 26 to the user's host system 
10A via LAN 14. Message C in FIG. 1 represents an 
external message from a sender that is not directly con- 
nected to LAN 14, such as the user's mobile data com- 
munication device 24, some other user's mobile device 
(not shown), or any user connected to the Internet 18. 
Message C also represents a command message from 
the user's mobile data communication device 24 to the 
host system 10A. As described in more detail in FIG. 3, 
the desktop host system 1 0A preferably includes, along 
with the typical hardware and software associated with 
a workstation or desktop computer, the redirector pro- 
gram 12, a TCP/IP subsystem 42, a primary message 
store 40, an E-mail subsystem 44, a screen saver sub- 
system 48, and a keyboard subsystem 46. 
[0030] In FIG. 1, the host system 10A is the user's 
desktop system, typically located in the user's office. The 
desktop host system 1 0A is connected to a LAN 14, which 
also connects to other computers 26, 28 that may be in 
the user's office or elsewhere. The LAN 14, in turn, is 
connected to a wide area network ("WAN") 1 8, preferably 
the Internet, which is defined by the use of the Transmis- 
sion Control Protocol/Internet Protocol ("TCP/IP") to ex- 
change information, butwhich, alternatively, could be any 
other type of WAN. The connection of the LAN 14 to the 
WAN 18 is via high bandwidth link 16, typically aT1 or 
T3 connection. The WAN 18 in turn is connected to a 
variety of gateways 20, via connections 32. A gateway 
forms a connection or bridge between the WAN 18 and 
some other type of network, such as an RF wireless net- 
work, cellular network, satellite network, or other syn- 
chronous or asynchronous land-line connection. 
[0031] In the example of FIG. 1, a wireless gateway 
20 is connected to the Internet for communicating via 
wireless link 22 to a plurality of wireless mobile data com- 
munication devices 24. Also shown in FIG. 1 is machine 
30, which could be a FAX machine, a printer, a system 
for displaying images (such as video) or a machine ca- 
pable of processing and playing audio files, such as a 
voice mail system. 

[0032] The system includes the ability to redirect cer- 
tain message attachments to such an external machine 
30 if the redirector program configuration data reflects 
that the mobile device 24 cannot receive and process 
the attachments, or if the user has specified that certain 
attachments are not to be forwarded to mobile device 24, 
even if such device can process those attachments. By 
way of example, consider an E-mail sent to a user that 
includes three attachments - a word processing docu- 
ment, a video clip and an audio clip. The redirection pro- 
gram 12 could be configured to send the text of the E- 
mail to the remote device 24, to send the word processing 
document to a networked printer located near the user, 
to send the video clip to a memory store accessible 
through a secure connection through the internet and to 
send the audio clip to the user's voice mail system. This 
example is not intended to limit the breadth and scope 



of the invention, but rather to illustrate the variety of pos- 
sibilities embodied in the redirection concept. 
[0033] The preferred mobile data communication de- 
vice 24 is a hand-held two-way wireless paging compu- 

5 ter, a wirelessly enabled palm-top computer, a mobile 
telephone with data messaging capabilities, or a wire- 
lessly enabled laptop computer, but could, alternatively 
be other types of mobile data communication devices 
capable of sending and receiving messages via a net- 

10 work connection 22. Although it is preferable for the sys- 
tem to operate in a two-way communications mode, cer- 
tain aspects of the invention could be beneficially used 
in a "one and one-half" or acknowledgment paging envi- 
ronment, or even with a one-way paging system. The 

is mobile data communication device 24 includes software 
program instructions that work in conjunction with the 
redirector program 1 2 to enable the seamless, transpar- 
ent redirection of user-selected data items. FIG. 4 de- 
scribes the basic method steps of the redirector program 

20 1 2, and FIG. 5 describes the steps of the corresponding 
program operating at the mobile device 24. 
[0034] In an alternative configuration, not explicitly 
shown in the drawings, the mobile device 24 also includes 
a redirector program. In this configuration, user selected 

25 data items can be replicated from the host to the mobile 
device and vice versa. The configuration and operation 
of the mobile device 24 having a redirector program is 
similarto that described herein with respect to FIGs. 1-4. 
[0035] A user can configure the redirector program 12 

30 to push certain user-selected data items to the user's 
mobile data communication device 24 when the redirec- 
tor 1 2 detects that a particular user-defined event trigger 
(or trigger point) has taken place. User-selected data 
items preferably include E-mail messages, calendar 

35 events, meeting notifications, address entries, journal 
entries, personal alerts, alarms, warnings, stock quotes, 
news bulletins, etc. Alternatively, the user-selected data 
items could include any other type of message that is 
transmitted to the host system 1 0A, or that the host sys- 

40 tern 10A acquires through the use of intelligent agents, 
such as data that is received after the host system 10A 
initiates a search of a database, a Web site or a bulletin 
board. In some instances, only a portion of the data item 
is transmitted to the mobile device 24 in orderto minimize 

45 the amount of data transmitted via the wireless network 
22. In these instances, the mobile device 24 can option- 
ally send a command message (C) to the host system 
1 0A to retrieve more or all of the data item if the user 
desires to receive it. 

so [0036] The user-defined event triggers include exter- 
nal events, internal events and networked events. Exter- 
nal events preferably include: (1) receiving a command 
message (such as message C) from the user's mobile 
data communication device to begin redirection, orto ex- 

55 ecute some other command at the host, such as a com- 
mand to enable the "preferred list mode" (described be- 
low), or to add or subtract a particular sender from the 
preferred list of the preferred list mode; (2) receiving a 
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n epi; 

similar message from some external computer; and (3) 
sensing that the user is no longer in the vicinity of the 
host system; although, alternatively, an external event 
can be any other detectable occurrence that is external 
to the host system 10. 

[0037] Internal events may include a calendar alarm, 
screen saver activation, keyboard timeout, programma- 
ble timer, or any other user-defined event that is internal 
to the host system 1 0. Networked events are user-de- 
fined messages that are transmitted to the host system 
from another computer coupled to the host system 1 0A 
via a network to initiate redirection. These are just some 
of the event triggers that could be used with the present 
invention to initiate replication of the user-selected data 
items from the host system 1 0A to the mobile device 24. 
Other types of triggers are also within the scope of the 
present invention. 

[0038] FIG. 1 shows an E-mail message A being com- 
municated over LAN 14 from computer 26 to the user's 
desktop system 10A (also shown in FIG. 1 is an external 
message C, which could be an E-mail message from an 
Internet user, or could be a command message from the 
user's mobile device 24). Once the message A (or C) 
reaches the primary message store of the host system 
1 0A, it can be detected and acted upon by the redirection 
software 12. The redirection software 12 can use many 
methods of detecting new messages. The preferred 
method of detecting new messages is using Microsoft's 
® Messaging API ("MAPI"), in which programs, such as 
the redirector program 1 2, register for notifications or 'ad- 
vise syncs' when changes to a mailbox take place. Other 
methods of detecting new messages could also be used. 
[0039] Assuming that the redirector program 12 is ac- 
tivated, and has been configured by the user (either 
through the sensing of an internal, external, or networked 
event) to replicate certain user data items (including mes- 
sages of type A or C) to the mobile device 24, when the 
message A is received at the host system 10A, the redi- 
rector program 1 2 detects its presence and prepares the 
message for redirection to the mobile device 24. In pre- 
paring the message for redirection, the redirector pro- 
gram 12 may compress the original message A, it may 
just compress the message header, or it may encrypt the 
entire message A to create a secure link to the mobile 
device 24. 

[0040] The address of the user's mobile data commu- 
nication device 24, the type of device, and whether the 
device 24 can accept certain types of attachments, such 
as word processing or voice attachments, are also pro- 
grammed into the redirector 12. If the user's type of mo- 
bile device cannot accept a particular type of attach- 
ments, then the redirector 1 2 can be programmed to route 
those attachments to a fax or voice number where the 
user is located using an attached fax orvoice machine 30. 
[0041 ] The redirector 1 2 may also be programmed with 
a "preferred list mode" operation that is configured by the 
user either at the host system 1 0A, or remotely from the 
user's mobile data communication device 24 by trans- 
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mitting a command message C. The "preferred list" in 
the "preferred list mode" contains a list of senders (other 
users) whose messages are to be redirected, or it may 
contain a list of message characteristics that determine 

5 whether a message is to be redirected, or it may contain 
both a list of senders and a list of message characteris- 
tics. For example, a message characteristic may relate 
to the size of the message, or the type of message, or 
whether the message has any attachments, or whether 

10 the message is originating from a particular domain. If 
activated, the preferred list mode causes the redirector 
program 1 2 to operate like a filter, only redirecting certain 
user data items based on whether the data item was sent 
fromasenderonthepreferred listorhas certain message 

is characteristics that if present will trigger or suppress re- 
direction of the message. 

[0042] In the example of FIG. 1 , if desktop system 26 
was operated by a user on the preferred list of host sys- 
tem 1 0A, and the preferred list option was activated, then 

20 message A would be redirected. If, however, desktop 26 
was operated by a user not on the host system's preferred 
list, then message A would not be redirected, even if the 
user of the host system had configured the redirector to 
push messages of type A. The user of the host system 

25 1 0A can configure the preferred list directly from the desk- 
top system 1 0A, or, alternatively, the user can send a 
command message (such as C) from the mobile device 
24 to the desktop system 1 0A to activate the preferred 
list mode, orto add or delete certain senders or message 

30 characteristics from the previously configured preferred 
list. In this manner, the user can remotely control the 
operation of the preferred list mode filter so as to dynam- 
ically alter the filtering characteristics of the redirector 
program 12. 

35 [0043] After the redirector 12 has determined that a 
particular message should be redirected, and it has pre- 
pared that message for redirection, the software 1 2 then 
sends the message A to a secondary memory store lo- 
cated in the mobile device 24. In doing so, the redirector 

40 preferably repackages message A as an E-mail with an 
outer envelope B that contains the addressing informa- 
tion of the mobile device 24, although alternative repack- 
aging techniques and protocols could be used, such as 
a TCP/IP repackaging and delivery method (most com- 

45 monly used in the alternative server configuration shown 
in FIG. 2). The wireless gateway 20 requires this outer 
envelope information B in order to know where to send 
the redirected message A. Once the message (A in B) 
is received by the mobile device 24, the outer envelope 

so B is removed, and the original message A is placed in 
the secondary memory store within the mobile device 24. 
By repackaging and removing the outer envelope in this 
manner, the present invention causes the mobile com- 
puter 24 to appear to be at the same physical location 

55 as the host system 10, thus creating a transparent sys- 
tem. 

[0044] In the case where message C is representative 
of an external message from a computer on the Internet 
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18 to the host system 10A, and the host 10A has been 
configured to redirect messages of type C, then in a sim- 
ilar manner to message A, message C would be repack- 
aged with an outer envelope B and transmitted to the 
user's mobile device 24. In the case where message C 
is representative of a command message from the user's 
mobile device 24 to the host system 1 0A, the command 
message C is not redirected, but is acted upon by the 
host system 10A. 

[0045] If the redirected userdataitemisan E-mail mes- 
sage, as described above, the user at the mobile device 
24 sees the original subject, sender's address, destina- 
tion address, carbon copy and blind carbon copy infor- 
mation. When the user replies to this message, or when 
the user authors a new message, the software operating 
at the mobile device 24 adds a similar outer envelope to 
the reply message (or the new message) to cause the 
message to be routed first to the user's host system 1 0A, 
which then removes the outer envelope and redirects the 
message to the final destination, such as back to com- 
puter 26. This results in the outgoing redirected message 
from the user's host system 1 0A being sent using the E- 
mail address of the host mailbox, ratherthan the address 
of the mobile device, so that it appears to the recipient 
of the message that the message originated from the 
user's desktop system 10A ratherthan the mobile data 
communication device 24. Any replies to the redirected 
message will then be sent to the desktop system 10A, 
which if it is still in redirector mode, will repackage the 
reply and re-send it to the user's mobile data device 24, 
as described above. 

[0046] FIG. 2 is an alternative system diagram showing 
the redirection of user data items from a network server 
host system 10B to the user's mobile data communica- 
tion device 24, where the redirector software 1 2 is oper- 
ating at the server 1 0B. This configuration is particularly 
advantageous for use with message servers such as Mi- 
crosoft's® Exchange Server, which is normally operated 
so that all user messages are kept in one central location 
(or mailbox store) on the server instead of in a memory 
store within each user's desktop PC. This configuration 
has the additional advantage of aiiowing a singie system 
administrator to configure and keep track of all users hav- 
ing messages redirected. If the system includes encryp- 
tion keys, these too can be kept at one place for man- 
agement and update purposes. 
[0047] In this alternative configuration, server 10B 
preferably maintains a user profile for each user's desk- 
top system 26, 28, including information such as whether 
a particular user can have data items redirected, which 
types of message and information to redirect, what 
events will trigger redirection, the address of the users' 
mobile data communication device 24, the type of mobile 
device, and the user's preferred list, if any. The event 
triggers are preferably detected atthe user's desktop sys- 
tem 26, 28 and can be any of the internal, external or 
networked events listed above. The desktop systems 26, 
28 preferably detect these events and then transmit a 



message to the server host computer 1 0B via LAN 1 4 to 
initiate redirection. Although the user data items are pref- 
erably stored atthe server host computer 1 0B in this em- 
bodiment, they could, alternatively, be stored at each us- 
5 er's desktop system 26, 28, which would then transmit 
them to the server computer 1 0B after an event has trig- 
gered redirection. 

[0048] As shown in FIG. 2, desktop system 26 gener- 
ates a message A that is transmitted to and stored at the 

10 host system 10B, which is the network server operating 
the redirector program 1 2. The message A is for desktop 
system 28, but user messages are stored atthe network 
server 1 0B. When an event occurs at desktop system 
28, an event trigger is generated and transmitted to the 

is network server 1 0B, which then determines who the trig- 
ger is from, whether that desktop 28 has redirection ca- 
pabilities, and if so, the server 10B (operating the redi- 
rector program 12) uses the stored configuration infor- 
mation to redirect message A to the mobile computer 24 

20 associated with the user of desktop system 28. 

[0049] As described above with reference to FIG. 1, 
message C could be either a command message from a 
user's mobile data communication device 24, or it could 
be a message from an external computer, such as a com- 

25 puter connected to the Internet 18. If the message C is 
from an Internet computer to the user's desktop system 
28, and the user has redirection capabilities, then the 
server 10B detects the message C, repackages it using 
electronic envelope B, and redirects the repackaged 

30 message (C in B) to the user's mobile device 24. If the 
message C is a command message from the user's mo- 
bile device 24, then the server host computer 1 0B simply 
acts upon the command message using the redirector 
program 12. 

35 [0050] Turning now to FIG. 3, a block diagram is set 
forth that demonstrates the interaction of the redirector 
software 12 with additional components of the desktop 
host system 10A shown in FIG. 1 (i.e., the desktop PC) 
to enable more fully the pushing of information from the 
40 host system 1 0A to the user's mobile data communica- 
tion device 24. These additional components are illustra- 
tive of the type of event-generating systems that can be 
configured and used with the redirector software 1 2, and 
of the type of repackaging systems that can be used to 
45 interface with the mobile communication device 24 to 
make it appear transparent to the user. 
[0051] The desktop host system 10A is connected to 
LAN 1 4, and can send and receive data, messages, sig- 
nals, event triggers, etc., to and from other systems con- 
so nected to the LAN 1 4. Through the LAN, the system 1 0A 
can also communicate with external networks 18, 22, 
such as the Internet or a wireless data network. In addi- 
tion to the standard hardware, operating system, and ap- 
plication programs associated with a typical microcom- 
55 puter or workstation, the desktop system 10A includes 
the redirector program 12, a TCP/IP sub-system 42, an 
E-mail sub-system 44, a primary datastorage device 40, 
a screen saver sub-system 48, and a keyboard sub-sys- 
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tern 46. The TCP/IP and E-mail subsystems 42, 44 are 
examples of repackaging systems that can be used to 
achieve the transparency of the present invention, and 
the screen saver and keyboard subsystems 46, 48 are 
examples of event generating systems that can be con- 
figured to generate event messages or signals that trig- 
ger redirection of the user selected data items. 
[0052] The method steps carried out by the redirector 
program 12 are described in more detail in FIG. 4. The 
basic functions of this program are: (1 ) to configure and 
setup the user-defined event trigger points that will start 
redirection; (2) to configure the types of user data items 
for redirection and optionally configure a preferred list of 
senders whose messages are to be redirected; (3) to 
configure the type and capabilities of the user's mobile 
data communication device; (4) to receive messages and 
signals from the repackaging systems and the event gen- 
erating systems; and (5) to command and control the 
redirection of the user-selected data items to the mobile 
data communication 24 device via the repackaging sys- 
tems. Other functions not specifically enumerated could 
also be integrated into this program. 
[0053] The E-Mail sub-system 44 is the preferred link 
to repackaging the user-selected data items for trans- 
mission to the mobile data communication device 24, and 
preferably uses industry standard mail protocols, such 
as SMTP, POP, IMAP, MIME and RFC-822, to name but 
a few. The E-Mail sub-system 44 can receive messages 
Afrom external computers on the LAN 14, or can receive 
messages C from some external network such as the 
Internet 18 or a wireless data communication network 
22, and stores these messages in the primary data store 
40. Assuming that the redirector 12 has been triggered 
to redirect messages of this type, the redirector detects 
the presence of any new messages and instructs the E- 
Mail system 44 to repackage the message by placing an 
outer wrapper B about the original message A (or C), and 
by providing the addressing information of the mobile da- 
ta communication device 24 on the outer wrapper B. As 
noted above, this outer wrapper B is removed by the mo- 
bile device 24, and the original message A (or C) is then 
recovered, thus making the mobile device 24 appear to 
be the desktop system 1 0A. 

[0054] In addition, the E-Mail sub-system 44 receives 
messages backfrom the mobile device 24 having an out- 
er wrapper with the addressing information of the desktop 
system 1 0A, and strips this information away so that the 
message can be routed to the proper sender of the orig- 
inal message A (or C). The E-Mail sub-system also re- 
ceives command messages C from the mobile device 24 
that are directed to the desktop system 10A to trigger 
redirection or to carry out some otherfunction. The func- 
tionality of the E-Mail sub-system 44 is controlled by the 
redirector program 12. 

[0055] The TCP/IP sub-system 42 is an alternative 
repackaging system. It includes all of the functionality of 
the E-Mail sub-system 44, butinstead of repackaging the 
user-selected data items as standard E-mail messages, 
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this system 42 repackages the data items using special- 
purpose TCP/I P packaging techniques. This type of spe- 
cial-purpose sub-system is useful in situations where se- 
curity and improved speed are important to the user. The 

5 provision of a special-purpose wrapper that can only be 
removed by special software on the mobile device 24 
provides added security, and by bypassing E-mail store 
and forward systems, the speed of delivery of messages 
can be improved. 

10 [0056] As described previously, the redirection can be 
triggered to begin redirection upon detecting numerous 
external, internal and networked events, ortriggerpoints. 
Examples of external events include: receiving a com- 
mand message from the user's mobile data communica- 

is tion device 24 to begin redirection; receiving a similar 
message from some external computer; sensing that the 
user is no longer in the vicinity of the host system; or any 
other event that is external to the host system. Internal 
events could be a calendar alarm, screen saver activa- 

20 tion, keyboard timeout, programmable timer, or any other 
user-defined event that is internal to the host system. 
Networked events are user-defined messages that are 
transmitted to the host system from another computer 
that is connected to the host system via a network to 

25 initiate redirection. Sensing that the user is not in the 
vicinity of the host system may be achieved by (1) an 
electronic camera subsystem that detects whether the 
user has left a predetermined area; (2) heat sensors that 
detects the lack of the user's heat presence; (3) motion 

30 detector that monitors if the user has not created any 
motion for a predetermined period of time; (4) disconnec- 
tion or detachment of the mobile device from a serial 
cradle connected to the desktop computer or host system 
(prior to the mobile device user departing, user would 

35 remove the device from a serial cradle that permits a 
serial synchronization of the data on the mobile with that 
in the host system); and, (5) short-range RF detachment 
to the mobile device worn by the user as he departs the 
vicinity of the host system. 

40 [0057] The screen saver and keyboard sub-systems 
46, 48 are examples of systems that are capable of gen- 
erating internal events. Functionaiiy, the redirector pro- 
gram 12 provides the user with the ability to configure 
the screen saver and keyboard systems so that under 

45 certain conditions an event trigger will be generated that 
can be detected by the redirector 1 2 to start the redirec- 
tion process. For example, the screen saver system can 
be configured so that when the screen saver is activated 
after, for example, 1 0 minutes of inactivity on the desktop 

so system, an event trigger is transmitted to the redirector 
12, which starts redirecting the previously selected user 
data items. In asimilar manner, the keyboard sub-system 
can be configured to generate event triggers when no 
key has been depressed for a particular period of time, 

55 thus indicating that redirection should commence. These 
are just two examples of the numerous application pro- 
grams and hardware systems internal to the host system 
1 0A that can be used to generate internal event triggers. 
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[0058] FIGs.4and5, setforth, respectively, flowcharts 
showing the steps carried out by the redirector software 
12 operating at the desktop host system 10A, and the 
steps carried out by the mobile data communication de- 
vice 24 in orderto interface with the host system. Turning 
first to FIG. 4, at step 50, the redirector program 12 is 
started and initially configured. The initial configuration 
of the redirector 12 includes: (1) defining the event trig- 
gers that the user has determined will trigger redirection; 
(2) selecting the user data items for redirection; (3) se- 
lecting the repackaging sub-system, either standard E- 
Mail, or special-purpose technique; (4) selecting the type 
of data communication device, indicating whether and 
what type of attachments the device is capable of receiv- 
ing and processing, and inputting the address of the mo- 
bile device 24; and (5) configuring the preferred list of 
user selected senders whose messages are to be redi- 
rected. 

[0059] FIG. 4 sets forth the basic steps of the redirector 
program 12 assuming it is operating at a desktop host 
system 10A, such as shown in FIG. 1. If the redirector 
1 2 is operating at a network server host system 1 0B, as 
shown in FIG. 2, then additional configuration steps may 
be necessary to enable redirection for a particular desk- 
top system 26, 28 connected to the server 1 0B, including: 
(1) setting up a profile for the desktop system 26, 28 
indicating its address, events that will trigger redirection, 
and the data items that are to be redirected upon detect- 
ing an event; (2) maintaining a storage area at the server 
1 0B for the data items; and (3) storing the type of data 
communication device 24 to which the desktop system's 
data items are to be redirected, whether and what type 
of attachments the device 24 is capable of receiving and 
processing, and the address of the mobile device 24. 
[0060] Once the redirector program is configured 50, 
the trigger points (or event triggers) are enabled at step 
52. The program 1 2 then waits 56 for messages and sig- 
nals 54 to begin the redirection process. A message could 
be an E-Mail message or some other user data item that 
may have been selected for redirection, and a signal 
could be a trigger signal, or could be some other type of 
signai that has not been configured as an event trigger. 
When a message or signal is detected, the program de- 
termines 58 whether it is one of the trigger events that 
has been configured by the user to signal redirection. If 
so, then at step 60 a trigger flag is set, indicating that 
subsequently received user data items (in the form of 
messages) that have been selected for redirection should 
be pushed to the user's mobile data communication de- 
vice 24. 

[0061] lfthemessageorsignal54isnotatriggerevent, 
the program then determines at steps 62, 68 and 66 
whether the message is, respectively, a system alarm 
62, an E-Mail message 64, or some other type of infor- 
mation that has been selected for redirection. If the mes- 
sage or signal is none of these three items, then control 
returns to step 56, where the redirector waits for addi- 
tional messages 54 to act upon. If, howeverthe message 



is one of these three types of information, then the pro- 
gram 12 determines, at step 68, whether the trigger flag 
has been set, indicating that the user wants these items 
redirected to the mobile device 24. If the trigger flag is 

5 set, then at step 70, the redirector 1 2 causes the repack- 
aging system (E-Mail or TCP/IP) to add the outer enve- 
lope to the user data item, and at step 72 the repackaged 
data item is then redirected to the user's mobile data 
communication device 24 via LAN 1 4, WAN 1 8, wireless 

10 gateway 20 and wireless network22. Control then returns 
to step 56 where the program waits for additional mes- 
sages and signals to act upon. 

[0062] Although not shown explicitly in FIG. 4, after 
step 68 the program could, if operating in the preferred 

is list mode, determine whether the sender of a particular 
data item is on the preferred list, and if not, then the pro- 
gram would skip over steps 70 and 72 and proceed di- 
rectly back to step 56. If the sender is on the preferred 
list, then control returns to steps 70 and 72 for repack- 

20 aging and transmission of the message from the pre- 
ferred list sender to the mobile device 24. 
[0063] FIG. 5 sets forth the method steps carried out 
by the user's mobile data communication device 24 in 
order to interface to the redirector program 12 of the 

25 present invention. At step 80, the mobile software is start- 
ed and the mobile device 24 is configured to operate with 
the system, including, for example, storing the address 
of the user's desktop system 1 0A. 
[0064] At step 82, the mobile device waits for messag- 

30 es and signals 84 to be generated or received. Assuming 
that the redirector software 12 operating at the user's 
desktop system 10A is configured to redirect upon re- 
ceiving a message from the user's mobile device 24, then 
at step 86 the user can decide to generate a command 

35 message that will start redirection at the host system 1 0A. 
If the user does so, then at step 88 the redirection mes- 
sage is composed and sent to the desktop system 10A 
via the wireless network 22, through the wireless gateway 
20, via the Internet 18 to the LAN 14, and is finally routed 

40 to the desktop machine 1 0A. 

[0065] In this situation where the mobile device 24 is 
sending a message directiy to the desktop system 1 0A, 
no outer wrapper is added to the message (such as mes- 
sage C in FIGs. 1 and 2). In addition to the redirection 

45 signal, the mobile device 24 could transmit any number 
of other commands to control the operation of the host 
system 10A, and in particular the redirector program 12. 
For example, the mobile 24 could transmit a command 
to put the host system 1 0A into the preferred list mode 

so state, and then could transmit additional commands to 
add or subtract certain senders or certain message char- 
acteristics from the preferred list. In this manner, the mo- 
bile device 24 can dynamically limit the amount of infor- 
mation being redirected to it by altering the preferred list. 

55 [0066] Other example commands include: (1) a mes- 
sage to change the configuration of the host system 10A 
to enable the mobile device 24 to receive and process 
certain attachments; and (2) a message to instruct the 
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host system 10A to redirect an entire data item to the 
mobile device 24 in the situation where only a portion of 
a particular data item has been previously redirected. 
[0067] Turning backto FIG. 5, if the usersignal or mes- 
sage is not a direct message to the desktop system 1 0A 5 
to begin redirection (or some other command), then con- 
trol is passed to step 90, which determines if a message 
has been received. If a message is received by the mo- 
bile, and it is a message from the user's desktop 1 0A, as 
determined at step 92, then at step 94 a desktop redirec- 10 
tion flag is set "on" for this message, and control passes 
to step 96 where the outer envelope is removed. Follow- 
ing step 96, or in the situation where the message is not 
from the user's desktop 10A, as determined at step 92, 
control passes to step 98, which displays the message « 
for the user on the mobile device's display. The mobile 
unit 24 then returns to step 82 and waits for additional 
messages or signals. 

[0068] If the mobile device 24 determines that a mes- 
sage has not been received at step 90, then control pass- 20 
es to step 1 00, where the mobile 24 determines whether 
there is a message to send. If not, then the mobile unit 
returns to step 82 and waits for additional messages or 
signals. If there is at least one message to send, then at 
step 1 02 the mobile 24 determines whether it is a reply 25 
message to a message that was received by the mobile 
unit. If the message to send is a reply message, then at 
step 108, the mobile 24 determines whetherthe desktop 
redirection flag is on for this message. If the redirection 
flag is not on, then at step 1 06 the reply message is simply 30 
transmitted from the mobile device 24 to the destination 
address via the wireless network 22. If, however, the re- 
direction flag is on, then at step 1 10 the reply message 
is repackaged with the outer envelope having the ad- 
dressing information of the user's desktop system 10A, 35 
and the repackaged message is then transmitted to the 
desktop system 10A at step 106. As described above, 
the redirector program 12 executing at the desktop sys- 
tem then strips the outer envelope and routes the reply 
message to the appropriate destination address using 40 
the address of the desktop system 1 0A as the "from" 
fieid, so that to the recipient of the redirected message, 
it appears as though it originated from the user's desktop 
system rather than the mobile data communication de- 
vice. 45 
[0069] If, at step 1 02, the mobile 24 determines that 
the message is not a reply message, but an original mes- 
sage, then control passes to step 1 04, where the mobile 
24 determines if the user is using the redirector software 
12 at the desktop system 10A, by checking the mobile so 
unit's configuration. If the user is not using the redirector 
software 12, then the message is simply transmitted to 
the destination address at step 1 06. If, however, the mo- 
bile determines that the user is using the redirector soft- 
ware 1 2 at the desktop system 1 0A, then control passes 55 
to step 110, where the outer envelope is added to the 
message. The repackaged original message is then 
transmitted to thedesktop system 10A at step 106, which, 
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as described previously, strips the outer envelope and 
routes the message to the correct destination. Following 
transmission of the message at step 106, control of the 
mobile 24 returns to step 82 and waits for additional mes- 
sages or signals. 

[0070] Now with reference to FIGs. 6-8, there will be 
described an alternative two-host Internet-based system 
using many of the features of the system described in 
the network-based host system 1 0B configuration shown 
in FIG. 2. In the system shown in FIGs. 6-8, however, 
instead of a single host system 1 0B for storing the user's 
messages and for operating the redirector program 12, 
there are two hosts, a messaging host 230, where the 
user's data items are stored, and a wireless redirector 
host system 240, where a wireless redirector program 
242 operates. These two host system are preferably cou- 
pledtogetherviathe Internet21 8. The wireless redirector 
program 242 is similar in many respects to the redirector 
program 12 described above, but is configured for com- 
municating with a wireless gateway 260 coupled to a 
wireless data network 222. 

[0071] With reference to FIG. 6, there is shown an ex- 
ample system diagram showing the redirection of user 
data items, such as message A, from user A's desktop 
PC 204 to user B's mobile data communication device 
220, or alternatively, message B from user B's mobile 
communication device 220 to user A. In this example, 
the messaging host system 230 maintains and stores 
data items received from the Internet 218 for user B in a 
message inbox. In this particular system example, the 
messaging host system 230 is preferably an ISP or an 
ASP that provides connectivity to the Internet 218 for a 
plurality of users, including user B. In another configura- 
tion, the messaging host 230 may be a web-based E- 
mail hosting service such as MSN Hotmail™ or a variety 
of other known web-based E-mail hosting systems. In 
another configuration, the E-mail hosting service sup- 
plies a strictly wireless solution. 
[0072] The messaging host system 230 is configured 
so as to forward acopy of all incoming data items destined 
for user B's inbox to a second host referred to herein as 
a wireiess redirector host system 240. The wireiess re- 
director host system 240 includes the wireless redirector 
program 242. Advantageously, data items destined for a 
user of the messaging host system 230 having a mobile 
communication device are continuously "pushed" to the 
wireless redirector host system 240 as they arrive at the 
messaging host system 230. Upon arrival at the redirec- 
tor host system 240, a wireless redirector software pro- 
gram 242 operating atthe system 240 determines wheth- 
er such data items are user-selected data items to be 
pushed via a wireless network 222 to the user's mobile 
communications device 220. In this manner, user-select- 
ed data items are advantageously pushed out to the mo- 
bile communication device 220 contemporaneously as 
they arrive to the messaging host system 230 so that the 
user need not be concerned about delays in receiving 
user-selected data items on the user's mobile communi- 
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cation device 220. 

[0073] The wireless redirector host system 240 acts 
primarily as a bridge for data items received from the 
Internet 21 8 and those specific data items that have been 
user pre-selected to be redirected (via filtering rules to 
be described later) to the user's mobile communications 
device via the wireless network 222. These filtering rules 
are similar to the "preferred list mode" operation de- 
scribed above with respecttothe systems shown in FIGs. 
1 and 2. The wireless redirector host system 240 may 
thus be considered a "virtual" service provider, providing 
redirection service for an external service such as E-mail 
services hosted by messaging host system 230. 
[0074] Message A in FIG. 6 represents a data item, 
such as an E-mail message, sent from user A's desktop 
PC 204 having user B as the recipient. Because user B 
has a mailbox on the messaging host system 230, the 
message A will be directed via the Internet to the host 
system 230. The flow of this message A is shown in a 
single solid line 206. 

[0075] Message B in FIG. 6 represents an external 
message created on and sent from user B's mobile data 
communications device 220 having user A as a recipient. 
Alternatively, message B also may represent a command 
message from user B's mobile data communication de- 
vice 220 to the wireless redirector host system 240. The 
flow of this message B is shown in a single dashed line 
258. 

[0076] As shown in more detail in FIG. 7, the wireless 
redirector host system 240 preferably includes, along 
with the typical hardware and software associated with 
an Internet gateway, the wireless redirector software 242 
which includes a mail handler, preferably a sendmail dae- 
mon (not shown), a local delivery agent (not shown), a 
plurality of wireless mail stores 248 (preferably one for 
each mobile user such as user B), a filter database 250, 
and a mobile user profile database 254. 
[0077] Also as described in more detail in FIG. 7, the 
messaging host system 230 is preferably a Unix system 
that includes a sendmail daemon 232, a ".forward" file 
238, and a memory storage area 236 for storing the data 
items of certain users that are having messages redirect- 
ed to their mobile data communication devices 220. 
[0078] Referring now to FIGs. 6 and 7, the two-host 
system invention will first be described by way of example 
with reference to message A. FIG. 6 shows an E-mail 
message A being communicated over the Internet 218 
from user A's desktop PC 204 destined for user B's inbox, 
which is located on the messaging host system 230. 
Once the message A reaches a mail handler 232 at the 
messaging host 230, such as a sendmail daemon 232 in 
a preferred embodiment, it can be detected and acted 
upon by this system 230. 

[0079] One of the objectives is to be as non-obtrusive 
as possible to the messaging host system 230 so as to 
make the invention simple to install and implement for 
ISPs and ASPs. The messaging host system 230 may 
be configured in many ways to detect such messages. 
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Since not all users of an ISP or ASP will have a mobile 
communication device 220, it is preferable that the sys- 
tem 230 includes a unique user file that is accessed and 
modified upon the arrival of any new message. The pre- 

5 ferred method of detecting new messages, such as mes- 
sage A, is using Unix's ".forward" file 238. Preferably, the 
redirection (or forwarding) of data items is accomplished 
by modifying the ".forward" file 238 typically found in the 
user's root directory at the messaging host system 230, 

10 such as an ISP. The ".forward" file is a simple ASCII text 
file comprising at least a list of one or more E-mail ad- 
dresses (with some control information). The sendmail 
daemon 232 checks for the existence of this file 238, and 
uses its content to forward data items to the appropriate 

is locations. Other methods of detecting and forwarding 
new data items destined for a user having a mobile com- 
munications device 220 could also be used and such 
other methods are well within the scope of the present 
invention. 

20 [0080] An example of the content of the ".forward" file 
modified for the present invention is: 

\usemame Oisp.net username@wirelessredirec- 
torhost.net 

25 

[0081] In this example, the sendmail daemon 232 
would redirect a copy of any incoming data itemsto those 
two addresses, namely "username@isp.net" and "user- 
name@wirelessredirectorhost.net." In the latter case, 

30 the data item would, preferably, be sent via the Internet 
to the wireless redirector host system 240 for fu rther han- 
dling by the wireless redirector software program 242. 
The former address requires the sendmail daemon 232 
to send the data item to user B's inbox of the local data 

35 item store 236. User B may access his data items in the 
inbox as he traditionally does - by, for example, POP3 or 
IMAP. In this manner, the forwarding activity is transpar- 
ent to the user. The user B when viewing the inbox data 
items at his desktop PC 202 would know of the redirecting 

40 activity only by the message text that may be added to 
the messages as they are redirected by the mail handler. 
[0082] Assuming that the redirector program 242 is ac- 
tivated at the wireless redirector host system 240, and 
has been configured by the user to replicate certain user 

45 data items (such as message A) to the mobile commu- 
nications device 220, when the message A is received 
at the wireless redirector host system 240, the redirector 
program 242 detects message A's presence and pre- 
pares the message for a second redirection to the mobile 

so device 220. In preparing the message for the second 
redirection, the redirector program 242 may compress 
the original message A, it may compress the message 
header, or it may encrypt the entire message A to create 
a secure link to the mobile device 220. However, before 

55 the redirector program 242 compresses or encrypts the 
message A and redirects it to the mobile device 220, it 
examines stored user information and filtering rules that 
are associated with the recipient, user B, so as to deter- 
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mine how the message A should be handled. 

A) Filtering 

[0083] Preferably, before the redirector program 242 
begins preparing the message A for redirection, the re- 
director242 examines the data item with respectto rules 
contained on a user B configurable filtering agent 250 
(see, FIG. 7) which essentially is a database of rules that 
are to be applied for each user's incoming data items. 
The filtering agent 250 is preferably accessible by the 
user via the World Wide Web in a filter web page 252. 
The filter web page 252 allows the user, if the user so 
desires, to access and apply a plurality of filtering rules 
or any combination thereof that are to be applied to all 
incoming data items destined for that user. Preferably, 
in addition to filtering rules, web page 252 allows user B 
to switch between an active or a de-active state for the 
redirection of user B's incoming messages. This switch- 
ing feature is particularly useful during instances where 
user B is at his desktop PC 202 and accessing his inbox 
of the local store 236 and desires that the redirection of 
incoming mail to his mobile device 220 is temporarily 
deactivated. The following criteria are exemplary of the 
types of filtering rules that may be available to the user: 
sender(s); how addressed (To, CC, BCC); subject key- 
word^); message keyword(s); and importance (high, 
low, normal). 

[0084] In any event, the filtering agent 250 is preferably 
hosted by the wireless redirector host system 240, but 
may be hosted by alternative host systems, including the 
messaging host system 230 so long as the redirector 
program 242 has access to the most current set of rules 
and can make a determination whether any particular 
data item has satisfied all user-defined filtering rules. Al- 
ternatively, the filtering agent 250 may be combined with 
the user profile database 254. Data items that do not 
clear the filtering rules are marked as "handled" by the 
redirector program 242 in the wireless data item store 
248, and are not further handled by the redirector 242. 

B) User Profile 

[0085] Also accessible by the redirector program 242 
is the address of the user's mobile data communication 
device 220, the user's SMTP address, the type of device 
220, and whetherthe device 220 can accept certain types 
of attachments, such as word processing or voice attach- 
ments. This information is preferably maintained in a user 
profile database 254 (see, FIG. 7). Such user information 
may be preferably created, updated and removed via a 
web-based user administration page 256. Web page 256 
is preferably access-restricted to the system administra- 
tor of the messaging host system 230 who may from time 
to time add new users to the redirection service. In ad- 
dition to the above user information, the system admin- 
istrator preferably has a switch control feature on the web 
page 256 to deactivate or activate redirection of the data 
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items from the host system 230 that takes precedence 
over the user's selection on web page 252. This, advan- 
tageously, allows the system administerto maintain con- 
trol over the value-added service described herein. 

5 [0086] If the user's type of mobile device 220 cannot 
accept certain types of attachments, then the redirector 
program 242 can be programmed to route the attach- 
ments to a fax or voice number where the user is located. 
The user may provide such information details to the re- 

10 director program 242 via a return message. 

C) Redirection 

[0087] After the redirector program 242 has deter- 

15 mined that a particular message should be redirected, 
and it has prepared the message for redirection, the soft- 
ware 242 preferably converts the message from MIME 
to CMIME (MIME is a standard Internet mail format, and 
CMIME is a compressed version of MIME), and then 

20 sends the message A to a memory store located in the 
mobile communications device 220 via the wireless gate- 
way 250 and the wireless data network 222. In doing so, 
the redirector program 242 preferably packages mes- 
sage A as a message with an outer envelope A' that 

25 contains the addressing information of the mobile device 
220. In the preferred embodiment, the outer envelope is 
GME. The wireless gateway 260 requires this outer en- 
velope information A' in order to know where to send the 
redirected message A. Once the repackaged message 

30 (message A in A') is received by the mobile device 220, 
the outer envelope A' is removed, and the original mes- 
sage A is placed in the second memory store within the 
mobile device 220. By removing the outer envelope A' 
and presenting to the user of mobile device 220 message 

35 A, the system causes the mobile device 220 to appear 
to be at the same physical location as the messaging 
host system 230, or PC 202 in a transparent, seamlessly 
integrated Internet account hosted by messaging host 
system 230. 

40 

D) Outgoing Data Item From Mobile 

[0088] If the redirected user data item is an E-mail mes- 
sage, as described above, then the user at the mobile 

45 device 220 sees the original subject line, sender's ad- 
dress, destination address, and carbon copy address. 
Preferably and desirably, the redirection of the E-mail 
message A is transparent to the mobile communication 
device user. When the user, at the mobile device 220, 

so replies to message A, or when the user authors a new 
message (a reply or a new message collectively referred 
to as "message B"), the software operating at the mobile 
device 220 adds a similar outer envelope (message B') 
to the reply message B (orthe new message B) to cause 

55 message B to be routed to the wireless redirector host 
system 240 via the wireless network 222, which then re- 
moves the outer envelope B', repackages message B as 
message B", and redirects message B" to the final des- 
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tination, such as user A's PC desktop 204. 
[0089] The general flow of such transmission is shown 
as a dotted line in FIG. 6. The removal of the outer en- 
velope B' and repackaging of message B into envelope 
B" results in the outgoing redirected message B" from 
the wireless redirector host system 240 being sent using 
the E-mail address of the user's mailbox on messaging 
host system 230, rather than the address of the mobile 
device 220, so that it appears to the recipient of the mes- 
sage B" that the message originated from the user's 
desktop system 202 or from the messaging host system 
230 itself (as would be the case of a web-based E-mail 
hosting system) ratherthanthe mobile data communica- 
tion device 220. This is accomplished by the redirector 
modifying the "from" and "replyto" identifiers associated 
with the message B to now have the SMTP address of 
user B's messaging host system 230 E-mail account. Ad- 
vantageously, any replies to the message B" will then be 
sent to user B's inbox on messaging host system 230, 
which, if it is still in redirector mode, will repackage the 
reply and resend it to user B's mobile data device 220, 
as described above. 

[0090] A copy of message B (labelled B'") is redirected 
to user B's inbox at messaging host system 230 for re- 
trieval and access by user B at some later time - for re- 
cording keeping purposes. In doing so, the redirector pro- 
gram 242 preferably repackages message B as message 
B'" so as to now have modified addressing information. 
In this preferred instance, the modified addressing infor- 
mation would include changing the "from" header infor- 
mation to read something to the following effect: "Sent 
from mobile communications device to recipient" where 
'recipient' would be the recipient's address of message 
B". This message B"' is forwarded, preferably via the In- 
ternet 218, to the messaging host system 230. 
[0091] As shown in FIG. 7, the messaging host system 
is preferably configured as an ISP. Here, the ISP system 
230 includes a sendmail daemon 232, which forwards 
the copy B"' to the local data item store 236 by a local 
delivery agent (not shown). Further, user B may prefer- 
ably configure his local inbox of data items at the desktop 
202 to store such copy messages in a specific inbox for 
mobile data communications device data items. Of 
course in the illustrative example of messaging host sys- 
tem 230 configured to redirect all incoming data items to 
wireless redirector host system 240, sendmail daemon 
232 would detect a new message and the ".forward" file 
238 would again be accessed and the forwarding infor- 
mation therein acted upon. Consequently, message B"' 
is redirected (not shown) to redirector host system 240. 
At the redirector host system 240, the redirector 242 is 
preferably programmed to detect that such a message 
B'" is a redirection of message B'" sent therefrom. As 
such, the redirector 242 ignores this re-redirected mes- 
sage. Alternatively, the mail handler 232 at the messag- 
ing host system 230 is configured to detect such mes- 
sages and to not redirect such messages. 
[0092] It is to be understood that a plurality of messag- 



26 

ing host systems 230 may use a single redirector host 
system 240 for redirection of users' E-mail messages. 
Furtherstill, a single redirector program 242 may be used 
to service the plurality of messaging host systems 230. 

5 [0093] Turning now to FIG. 8, a flow chart is set forth 
showing the steps carried out by the redirector program 
242 operating at the redirector host system 240 shown 
in FIGs. 6 and 7. The basic steps carried out by the mobile 
communications device 220 in order to interface with the 

10 redirector host system 240 may be accomplished by sub- 
stantially the same steps as shown in FIG. 5, although 
modified for this two-host aspect of the invention. 
[0094] The flow chart in FIG. 8 assumes that the redi- 
rector program 242 has been activated and is operating. 

is Additional configuration steps will be necessary to enable 
redirection services for a new messaging host system 
230. These additional configuration steps include: (1 ) set- 
ting up a profile for the new messaging host system 230 
indicating its address, etc. (2) setting up individual user 

20 profiles, (3) initiating default filtering rules for incoming 
messages from the messaging host system for the users, 
and (4) making available both the filtering rule 252 and 
user profile 256 web pages. The flowchart also assumes 
the necessary steps have been undertaken to configure 

25 the messaging host system 230 to forward a copy of all 
incoming messages to the redirector host system 240 
{i.e., the Unix ".forward" file has been properly config- 
ured). 

[0095] Once the messaging host system 230 is con- 
30 figured 268 and the redirector program 242 is configured 
270, the program 242 then waits for data items at step 
272. As discussed earlier, data items need not be limited 
to E-mail messages but may also include signals that are 
representative of user profile changes or filtering rule 
35 changes. 

[0096] When a data item is detected, the program de- 
termines at steps 274, 276 and 278 whether the data 
item is, respectively, a user profile change 274, a mes- 
sage from the Internet 276, or a message from the wire- 

40 less mobile device 278. If the data item is a user profile 
change, then the appropriate user profile change is made 
at 280. Control then returns to step 272 where the pro- 
gram waits for additional data items. If the data item is a 
message from the Internet, then the appropriate userpro- 

45 file information is checked and applied at step 290. The 
program then checks if the filter rules have changed at 
step 292. If so, the filter rules are reloaded. Next, the filter 
rules are applied at step 296. If the message does not 
clear all applicable redirection filter rules at step 297, the 

so preparation and redirection steps 298 and 300, respec- 
tively, are skipped. The message is thus ignored and 
control is returned to the redirector program 242 at step 
272. Assuming, however, that the message (or at least 
a portion thereof) is to be redirected, then the message 

55 is prepared for redirection at step 298. In the preparation 
step 298, the redirector program 242 adds the outer en- 
velope to the message for wireless transmission. At step 
300, the repackaged message is then forwarded to the 
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user's mobile device 220 via LAN 258, wireless gateway 
260 and wireless network 222. Control then returns to 
step 272 where the program waits for additional data 
items to act upon. 

[0097] If, at step 278, there is a determination that the 
data item is a message from the mobile device 220, then 
the message is prepared for Internet redirection at step 
284. Preparation would preferably include changing the 
"from" and "reply to" fields of the message to replicate 
the address of the user's SMTP address at the messag- 
ing host system 230 - the resulting message referred to 
as message B" in FIG. 6. Also, the preparation step may 
include making a second copy of the message, such mes- 
sage referred to as message B'" in FIG. 6. In this second 
copy, the "from" field is changed to, preferably, "Sent 
from the mobile device to Recipient" where 'Recipient' is 
the SMTP address of the recipient of message B". At 
step 286, previous messages or attachments are ap- 
pended. At step 288, one message is forwarded to the 
recipient (message B") and the copy of the message 
(message B"') is forwarded to the user's messaging host 
system 230 destined for the user's local data item store 
236 for record keeping purposes. Control then returns to 
step 272, where the program waits for additional data 
items to act upon. If, at step 278, there is a determination 
that the data item is not a message from the wireless 
device, otherfunctions maybe performed by the redi rec- 
tor program 242 if so programmed to do so. For instance, 
the message could be a command message such as 
described earlier in this application where additional text 
of the E-mail message may be transmitted to the mobile 
device 220. 

[0098] Although not explicitly shown in the flowchart, 
if at step 276 there is a determination that the message 
is from the Internet, then the redirector program 242 
would check whether the message is a re-redirected 
message from the messaging host system 230. If so, all- 
subsequent steps are skipped (the message is ignored) 
and control is returned to step 272. In this manner, re- 
redirected messages are not redirected to the mobile de- 
vice 220. Alternatively implemented, this determination 
couid be undertaken at step 296 as part of the default 
filtering rules. It is to be understood that the user profile 
andfiltering rules could alternatively be combined togeth- 
er, thus eliminating a step(s). This is, of course, well within 
the scope of the present invention. 
[0099] Although not shown, the additional step of main- 
taining the wireless data item store 248 is another step 
(s) that the redirector would preferably manage. At a pre- 
determined storage threshold either by date or size, each 
user's earliest stored data item would be deleted to make 
room for newer incoming data items. 
[0100] Referring now to FIGs. 9-12, there will be de- 
scribed an alternative multi-host Internet-based system 
using many of the features of the system described in 
the two-host Internet-based system configuration shown 
in FIGs. 6-8. In the redirector system 200 shown in FIGs. 
9-12, instead of a two-host system for storing the mobile 
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device user's messages and for operating the redirector 
program 1 2, there is a multiplicity of hosts, with each one 
performing part of the distributed tasks of redirector pro- 
gram 12. The redirector system 200 is capable of han- 

5 dling a multiplicity of messaging hosts 230, where the 
mobile device user's data items are stored. Each mes- 
saging host 230 may correspond to an ISP or an ASP 
with its own set of users, a subset of which are configured 
to have their E-mail forwarded for wireless redirection to 

10 their respective mobile devices 220 via the mail handler 
232 according to the forward file 238, as described above 
with reference to FIGs. 6-8. However, in the multi-host 
Internet-based system 200, instead of using a single 
wireless redi rector host system 240, and a single wireless 

is redirector program 242, the redirector program has been 
embodied into a multiplicity of redirector send agents 245 
and redirector receive agents 249, a pair of which can 
be hosted on separate redirector agent host servers 243. 
This multi-host configuration provides the significant ad- 

20 vantage of allowing the redi rector system 200 to be scale- 
able and easily configured to support multiple ISPs 
and/or ASPs each having multiple sites, with each site 
having an associated Internet domain name. A single 
redirector agent host server can support several pairs of 

25 send and receive agents, each pair of agents serving an 
ISP or ASP site. The mapping of redirector host servers 
to sites and the configuration of redirector agents is ac- 
complished via the web-based administration 257 of the 
administration information database 259. Although mul- 

30 tiple host arrangements are described hereinafter prima- 
rily in the context of an illustrative example of ISPs, it is 
to be understood that similar arrangements may also be 
applied to ASPs. 

[0101] SMTP is the only system interface that a mes- 

35 saging host such as an ISP needs to support in order to 
interface with redirector system 200 during normal oper- 
ation. Advantageously, a web browser is the only user 
interface 253 an ISP needs to support in order to config- 
ure the redirector system 200. Similarly, a web browser 

40 is the user interface 256 a user needs to support in order 
to configure the redirector system 200. 
[01 02] By using a hierarchy of stored configuration in- 
formation in the databases 259, 255, 254 and 250, the 
web interfaces 257, 256, 253 and 252 allow a plurality of 

45 system 200 administrative accounts to manage a plurality 
of site manager accounts, which in turn manage a plu- 
rality of site dependent mobile device user accounts. At 
each level down, the web-based interfaces provide ac- 
cess to only those elements of the databases for which 

so the account has authority. 

[0103] Administrative accounts have authority to man- 
age site manager accounts, redirector agent host server 
configuration records, and set site configuration default 
values. Site manager accounts have authority to override 

55 certain site configuration records, manage user ac- 
counts, and set user configuration default values. User 
accounts have authority to override certain user records. 
The next three paragraphs illustrate the type of informa- 
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tion and authority associated with the three accounts de- 
scribed above. 

[01 04] The access to administrative operations is lim- 
ited to system 200 operators who have an administrative 
account comprising an administrator name and pass- 
word useable on web-based administration page 257 in 
order to gain access to the administration database 259. 
An administrator of system 200 manages records for con- 
figuring redirector agent host servers, and manages ac- 
counts for site managers, which access the site informa- 
tion database 255 via web-based site information page 
253. 

[0105] Site managers represent ISP hosted Internet 
domains and manage site information records forfurther 
configuring redirector agents, and manage accounts for 
mobile device 220 users who wish to use system 200 for 
redirecting their data items. The site information record 
includes such items as, for example, an optional Internet 
domain name and a default tag line to be appended at 
the end of every E-mail. 

[0106] A site mobile user, when provided with an ac- 
count by a site manager, can access the user information 
database 254 via web based user administration page 
256, in orderto update those fields of their user informa- 
tion record for which they have authority. For instance, 
a user might wish to override the default site wide tag 
line stored in the site info record corresponding to his 
site, thereby enabling the tag-line customization feature. 
The user might also wish to override the default domain 
name based E-mail address provided by his site manager 
by specifying his single SMTP address, thereby enabling 
domain-massaging feature. 

[0107] As used in this description, the phrase domain- 
massaging is defined as the feature which allows an ISP 
or a site manager to customize the "sent from" and "reply 
to" addresses for messages generated at a mobile device 
by a mobile device user. This new feature functionality 
allows an ISP to effectively offer "single E-mail address" 
functionality to their mobile device users that have an E- 
mail address, which is different from the ISP's default 
domain address. For example, a first mobile device user 
with "singie E-maii address" user@userscompany.com, 
can go through ISP's forwarding service over domain 
isp.com where the user has traditionally the E-mail ad- 
dress user@isp.com. In one embodiment, the ISP can 
activate the domain-massaging feature of the redirector 
receive agent to replace user® isp.com with user® user- 
company. com in the "sent from" and "reply to" fields for 
E-mail messages generated (i.e., originally created, or 
replied from) at the mobile device user's mobile device, 
thereby (1) allowing the userto advantageously use only 
one E-mail address when creating messages at either 
his mobile device or at his traditional non-wireless E-mail 
generation means and (2) making it appear as though 
the user has a "single E-mail address", user® user com- 
pany.com. 

[0108] Closely related to the domain-massaging fea- 
ture is the tag line customization feature, which as used 
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herein, is defined as the feature which allows an ISP to 
provide a default tag line to be appended to all of its mo- 
bile device users' messages generated at and sent from 
the mobile device, as well as the user's ability to custom- 
5 ize the tag line. Preferably, the tag line is appended to 
the messages after arrival from the wireless networksuch 
as at the redirector system, but prior to transmission to 
the intended recipient. This advantageously permits 
over-the-air bandwidth transmission savings. For in- 
fo stance, an ISP may wish to have a default tag line which 
reads, forinstance, "This mobile message broughtto you 
by http://www.isp.com/" thereby creating a sales oppor- 
tunity at every E-mail message sent by every one of their 
new mobile users. A mobile user can then customize the 
fs tag line by, for instance, including a signature such as: 

With regards, 
User Name 

tel.: xxx.yyy.zzz wwww 
20 e-mail: user@isp.com 

[0109] FIG. 1 1 illustrates the steps taken by a redirec- 
tor receive agent 249 in orderto accomplish the two fea- 
tures described in the previous paragraphs, namely do- 

25 main-massaging and tag-line customization. In this ex- 
ample, the redirector receive agent can be considered 
to accomplish steps 284, 286, and 288 of the redirector 
program 242 illustrated in FIG. 8, as well as the additional 
domain-massaging and tag line customization features 

30 to be described. 

[0110] At step 300, the redirector receive agent is no- 
tified that a wireless message is available for redirection 
in wireless data item store 248. This step consists of get- 
ting the message data 31 0 comprised of a content type, 

35 a stream, and a user id. This example assumes that the 
message type is an E-mail message originated from the 
user's mobile device 220. At the next step 320, the user 
id 312 obtained in step 300 is used as a key to obtain a 
user record 330 from the user information database 254. 

40 At step 340, site id 332 obtained in step 320 is used as 
a key to obtain site information record 350 from the site 
information database 255. Step 400, comprised of steps 
410, 420, 430 and 440, sets the user's E-mail address 
upon the condition of the site information record 350 hav- 

45 ing a blank domain name. If the domain name is blank, 
then the SMTP address found in the user record 330 is 
used as the E-mail address. If a domain name is found 
in site record 350, then a juxtaposition of user name and 
domain name is utilized as the E-mail address. Step 440 

so replaces the "send from/ reply to" addresses of the mes- 
sage to the E-mail address. Collectively, step 400 ac- 
complishes the domain-massaging feature. Steps 500, 
comprised of steps 510, 520, 530 and 540 collectively 
accomplish the tag-line customization. In step 510, the 

55 usertag line found in user record 330 is examined. If the 
usertag line is blank, then the site tag line found in record 
350 is utilized. If the usertag line is not blank, then it is 
utilized instead of the site tag line. The utilized tag line is 
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appended to the message at step 540. Finally, step 288 
proceeds to send the message to the recipient designat- 
ed in the message via the Internet, as described in ref- 
erence to FIG. 8. 

[0111] Although not explicitly shown in the drawings, 
it is considered a variation of the present invention that 
is within the scope of the invention to perform othertypes 
of automated information substitution in message data 
items of which two examples have been illustrated in the 
case of domain-massaging and tag line customization in 
the redirector receive agent. 

[0112] As illustrated in FIG. 12, the system 200 advan- 
tageously permits at least one ISP, such as ISP A 600, 
to provide wireless redirection for its customer base and 
customized single E-mail address transparency for a plu- 
rality of companies, such as Company A and Company 
B, by managing a distinct site for each company, in this 
case ISP A site 610, Company A site 612, and Company 
B site 61 4, with corresponding site manager accounts on 
the redirector system 200. Mobile device users associ- 
ated to each of those sites can configure their E-mail tag 
lines, and their E-mail addresses obtained byjuxtaposing 
their E-mail name and their custom site's domain name, 
by taking advantage of domain-massaging and tag line 
customization respectively, via the web-based user in- 
terface 256. 

[01 1 3] Continuing with the same example, if ISP A hav- 
ing a corresponding messaging host 230 wishes to offer 
wireless redirection to its base users, the web-based site 
admin page 257 is used to create a site manager account 
forthe ISP by the system 200 administrator in the admin- 
istration information database 259 via the user interface 
257. The interface 257 is also used to create site manager 
accounts for other sites managed by the ISP, such as 
Company A or Company B. The web-based administra- 
tion page 257 is also used to configure the name and 
authentication information of the redirector agent host 
server 243, and associated redirector send and receive 
agents corresponding to each site. Then the ISP need 
only: a) provide configuration site information to the site 
info database 255 via the web based site information 
page 253, the site information corresponding to iSP site 
infrastructure such as the IP address of the mail handler 
232, associated site domain name, and the creation of 
individual mobile device user accounts for its mobile de- 
vice users; and b) add an entry for each of its mobile 
device users in the forward file 238. After the ISP mobile 
device user accounts 616, 616', 616" are created for 
each site, the ISP mobile device users can update their 
respective user information 254 using the web-based us- 
er admin page 256. 

[0114] To further illustrate this aspect, an example is 
provided. ISP A provides wireless redirection service of 
messages traditionally only hosted at and accessed via 
the ISP to mobile devices assigned to its traditional ISP 
customer base. Some of the ISP customers have cus- 
tomized domain names (i.e., domain.com) wherein the 
ISP hosts a web site (i.e., www.domain.com) and a plu- 
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rality of E-mail addresses associated with the customized 
domain names (i.e., john@domain.com). Such custom- 
ers who opt for the wireless redirection of their E-mail 
messages may continue to use their customized E-mail 
5 addresses when generating and receiving E-mail mes- 
sages at their mobile device. When the systems 200 and 
230 are configured for wireless redirection of E-mail di- 
rected to domain.com, a method for redirecting messag- 
es between a ISP host system and a mobile data com- 
10 munication device is provided, the method comprising 
the steps of: configuring redirection settings for one or 
more mobile device users at the host system; receiving 
incoming messages directed to a first address at the ISP 
host system from a plurality of message senders; in re- 
's sponse to the redirection setting, continuously redirecting 
the incoming messages from the ISP host system to the 
mobile data communication device via a redirector host 
system; receiving outgoing messages generated at the 
mobile communications device at the redirector host sys- 
20 tern; configuring address information of the outgoing 
messages so that the first address is used as an origi- 
nating address of the outgoing messages; and transmit- 
ting the configured outgoing messages to message re- 
cipients. 

25 [0115] The systems described above with reference 
to FIGS. 6-12 redirect data items from a messaging host 
system to a mobile communication device through a wire- 
less redirection host system. Redirected data items are 
compressed and repackaged in the redirection host sys- 

30 tern before being forwarded to the wireless gateway for 
delivery to the mobile device, as shown as the message 
A in A' in FIG. 6 for example. 

[0116] In some redirection system implementations, 
however, it may be desirable to provide a secure link to 

35 a mobile device. A redirected data item must then be 
encrypted using an encryption key at some point within 
the redirection system and then decrypted at a mobile 
device using a decryption key corresponding to the en- 
cryption key. A common problem encountered in secur- 

40 ing such communications relates to providing the re- 
quired decryption key to the mobile device. 
[0117] FiG. 13 is a biock diagram of a redirection sys- 
tem adapted for securely redirecting data items from a 
messaging host system to a mobile device over a wire- 

45 less link. The system of FIG. 13 is substantially similar 
to the system in FIG. 6, but provides for an encryption 
key exchange between the redirection host system 240 
and the mobile device 220 as described in further detail 
below. 

so [0118] In FIG. 13, a user is configured for redirection 
as described above. In order to provide for secure com- 
munications over the wireless link, a mobile device 220 
is then preferably connected to the user's desktop PC 
202 in the above example. This connection may, for ex- 

55 ample, be a serial connection 203 to a port on the desktop 
PC 202 through a suitable connector such as a holder or 
cradle in which the device may be positioned by the user. 
Since the serial connection would normally be a relatively 
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short link and can generally be monitored directly by the 
user, this link is a so-called "trusted" link, or connection, 
over which an encryption key can be loaded onto a device 
220. Although the device 220 is shown in two positions 
in FIG. 1 3, it should be apparent that both instances may 
represent the same mobile device 220 in this illustrative 
example. 

[0119] According to a symmetric key encryption 
scheme, the device 220 shares secret information (a 
key), such as a random number, with the component in 
the system that encrypts redirected data items and de- 
crypts data items generated at the mobile device 220. 
The key may be generated at the redirection host system 
240 by the redirector 242. The shared key might instead 
be generated at the user's desktop PC 202, dependent 
upon the user's movement of the PC's mouse and/or 
keystrokes entered at the desktop PC for example. Gen- 
eration of the key at the messaging host system 230, at 
the wireless gateway 260, or on the mobile device 220 
itself is also contemplated. 

[0120] Regardless of where the key is generated, it 
must then somehow be provided to both the device 220 
and the encryption component within the system. This 
symmetric key distribution will now be described in terms 
of an illustrative example. In the following description, it 
is assumed that the key is generated by the redirector 
242 in the redirection host system 240. 
[0121] When the key has been generated, it is stored 
at the redirector host system 240 for use in encrypting 
redirected data items. A secure message containing the 
key is then sent to the device 220 through the PC 202 
and serial connection 203. This secure message transfer 
may be accomplished using Internet Message Access 
Protocol (IMAP) over Secure Sockets Layer (SSL) or a 
secure web page for example. The key is then extracted 
from the secure message by either the PC 202 or the 
mobile device 220 and stored in the mobile device 220. 
[0122] After the key has been stored at both the redi- 
rector host system 240 and the mobile device 220, any 
redirected data items may be compressed and then en- 
crypted by the redirector software 242 before being sent 
to the mobile device 220 through the wireiess gateway 
260. The device 220, using the stored key, decrypts and 
decompresses any received redirected data items to re- 
cover the original data item which was redirected from 
the messaging host system 230. 
[0123] A public key encryption scheme may also be 
used to secure redirected items. According to this aspect 
of the invention, a redirected data item is encrypted using 
a public key corresponding to a private key stored on the 
mobile device 220. The public key may be stored for ex- 
ample in a central key repository 205 from which it may 
be retrieved by the wireless redirector software 242. In 
a preferred embodiment, key generation and assignment 
is managed by the wireless redirector software 242. A 
key pair comprising a public key and a private key is 
generated and assigned to a particularmobile device 220 
by the wireless redirector software 242. The public key 
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is then stored to the central repository 205 and the private 
key is sent over a secure connection to the device 220 
through the PC 202 and serial connection 203, using 
IMAP over SSL for example. The system then operates 

5 substantially as described above to encrypt redirected 
items before transmission over a wireless network to the 
mobile device 220. In orderto provide for secure transfer 
of data items from the mobile device 220 to the redirector 
host system 240, a second key pair for the redirection 

10 host system must also be generated or assigned. Once 
generated and/or assigned, the redirector private key is 
stored within the redirector host system 240 and the re- 
director public key is similarly sent to the repository 205 
and preferably also to the device 220. 

is [0124] The mobile device key pair may be generated 
on the device 220 and the redirector key pair is generated 
by the redirector 242. The generated private keys are 
respectively stored on the device 220 and the redirector 
242 and the public keys are sent to the key repository 

20 205. The device 220 must be able to communicate with 
the key repository 205, such as through the serial con- 
nection 203 and PC 202, or perhaps through the redirec- 
tor 242. The public keys may be retrieved from the re- 
pository 205 according to any public key distribution 

25 scheme. These public keys might also be exchanged 
when a mobile device 220 is first registered with the re- 
director 242. When all required keys have been gener- 
ated and exchanged, data items sent between the mobile 
device 220 and the redirector 242 can then be encrypted. 

30 [0125] Encryption and decryption of data items sent 
from the mobile device 220, such as message B, may be 
accomplished using the same keys as those used for 
data items sent to the mobile device from the redirector, 
such as message A. Different keys may also be used. 

35 Regardless of the encryption scheme (symmetric key, 
public key, same or different keys, etc.), the mobile device 
220 must be able to decrypt data items encrypted by the 
redirector 242 (FIG. 1 3), 242A and vice versa. In a sym- 
metric key system in which the same keys are used for 

40 redirected data items and data items sent from the mobile 
device 220 for example, both the redirector 242, 242A 
and mobile device 220 must store an encryption key and 
a decryption key. Furthermore, the redirector 242, 242A 
must store such keys for every mobile device 220 for 

45 which it provides data item redirection. Other key storage 
requirements or arrangements will be apparent to those 
skilled in the art. 

[01 26] The encryption arrangements described above 
provide for secure data item transfer over the wireless 

so network within which a mobile device 220 operates. An 
eavesdropper listening on the wireless network is thereby 
prevented from recovering the content of any redirected 
data items. However, the wireless network typically rep- 
resents only a portion of the communication link between 

55 a sender and the mobile device. For example, an incom- 
ing E-mail message A arriving at the messaging host 
system 230 may be sent from any PC 204 connected to 
the Internet. Common mail transfer mechanisms such as 
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SMTP as shown in FIG. 7 are not easily adapted for se- 
cure communications, such that messages are normally 
sent "in the clear" or unencrypted over the Internet. In 
FIG. 13, the message A may also be transferred to the 
redirector242fromthemessaging host system 230 using 
SMTP and would therefore potentially not be secure be- 
tween the sender and the redi rector software 242, where 
encryption of the message is performed in the above ex- 
ample. Messages composed at a mobile device 220 sim- 
ilarly remain encrypted only between the device 220 and 
the redirector 242, since the message must be decrypted 
at the redirector 242 for SMTP transfer to the messaging 
host system 230 and a recipient such as PC 204. Al- 
though message encryption according to the schemes 
described above secures the message between the re- 
director 242 and a mobile device 220, it may be desirable 
to avoid transferring messages destined for or generated 
at the mobile device 220 in the clear over the Internet to 
thereby enhance data item transfer security. 
[0127] The data item transfer between a messaging 
host system and a wireless redirection system over the 
Internet may be avoided by integrating a redirection sys- 
tem with a messaging host system. Such a system is 
shown in FIG. 14. Since data items need not be trans- 
ferred between the messaging host and the redirection 
host in the clear over the Internet, the above security 
risks are eliminated. 

[0128] As in FIGS. 6 and 13 above, FIG. 14 is an ex- 
ample system diagram showing the redirection of user 
data items, such as a message A, from user A's desktop 
PC 204 to user B's mobile data communication device 
220, or alternatively, message B from user B's mobile 
communication device 220 to user A. As in FIG. 13, both 
instances of the device 220 in FIG. 14 may represent the 
same mobile device 220. Although redirection is de- 
scribed primarily in the context of messaging, it is to be 
understood that the invention is in not limited to messag- 
ing. The specific implementations of redirection function- 
ality for other data item types may be somewhat different 
than messaging-related implementations, but the gener- 
al redirection principles and methods will be common and 
are therefore easily adaptable to such other data item 
types by those skilled in the art. 

[0129] In FIG. 14, the messaging host system 231 
maintains and stores data items received from the Inter- 
net 218 for user B in a message inbox, as described 
above. The messaging host system 231 may be an ISP 
that provides connectivity to the Internet 21 8 for a plurality 
of users, including user B. The messaging host 231 may 
also comprise a web-based E-mail hosting service such 
as MSN Hotmail™ or a variety of other known web-based 
E-mail hosting systems. Unlike the messaging host sys- 
tems described above, however, the messaging host 231 
includes a redirector component 242. 
[0130] The messaging host system 231 incorporates 
the wireless redirector program 242, which determines 
whether data items destined for a user of the messaging 
host system 231 having a mobile communication device 
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are user-selected data items to be pushed via a wireless 
network 222 to the user's mobile communications device 
220. Data items may thereby be continuously "pushed" 
to the mobile communication device 220 through the 

5 wireless gateway 260 as they arrive at the messaging 
host system 231 , providing for "always on, always con- 
nected"® functionality of the mobile device 220. 
[0131] In FIG. 14, as in the preceding Figures, mes- 
sage A represents a data item, such as an E-mail mes- 

10 sage, sent from user A's desktop PC 204 having user B 
as the recipient. Because user B has a mailbox on the 
messaging host system 231 , the message A will be di- 
rected via a WAN, such as the Internet 218, to the host 
system 231 . Similarly, message B represents a message 

is created on and sent from user B's mobile data commu- 
nications device 220 having user A as a recipient. Alter- 
natively, message B may instead represent a command 
message from user B's mobile data communication de- 
vice 220 to the wireless redirector component 242. The 

20 flows of messages A and B are respectively shown as a 
single solid line 206A and a single dashed line 258B. 
[0132] The messaging host231 is shown in more detail 
in FIG. 15. As above, the messaging host system 231 is 
preferably a Unix system that includes a sendmail dae- 

25 mon 232 and a memory storage area 236 for storing the 
data items of certain users that are having messages 
redirected to their mobile data communication devices 
220. The messaging host231 also includes the redirector 
242A, along with the typical hardware and software as- 

30 sociated with an Internet gateway. The redirector 242A 
is similarto the redirector242, exceptthat redirector242A 
need not include such messaging system components 
as a mail handler and delivery agents, which will be pro- 
vided as part of the messaging system 231 . A filter da- 

35 tabase 250 and a mobile user profile database 254 are 
used by the redirector 242A to determine a user's redi- 
rection characteristics, substantially as described above. 
[0133] Since the redirector 242A is incorporated into 
the messaging host system 231 , data items for redirec- 

40 tion may be detected directly bythe redirector 242A. The 
mail handler 232 stores incoming data items such as E- 
maii messages for example to the iocai store 236. Since 
only a single store is used in the integrated messaging 
and redirection system shown in FIG. 15, the redirector 

45 242A may query, poll, or otherwise access the local store 
236 to detect new data items in mailboxes for users with 
a mobile device. The mail handler 232 might instead be 
configured to notify the redirector 242A upon the arrival 
of new data items for redirection to a mobile device. Al- 
so ternatively, avariantofthe".forward"filefunctionality de- 
scribed above might also be implemented, such that data 
items destined for users having a mobile device are for- 
warded to the redirector 242A. Other procedures for de- 
tecting new data items in the local store 236 will be ap- 

55 parent to those skilled in the art and as such are consid- 
ered to be within the scope of the invention. 
[01 34] Whether or not data items are to be redirected, 
incoming data items are preferably stored to a user's in- 
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box in the local store 236. If a data item is to be redirected, 
a copy of the data item is sent to the mobile device, but 
the data item is not removed from the local message 
store 236. Such data items may be accessed by a user 
via the user's normal access method, POP3 or IMAP for 5 
example. The forwarding of data items is therefore trans- 
parent to the user. In the example of E-mail message A, 
the user B when viewing the inbox data items at his desk- 
top PC 202 would know of the redirecting activity only 
from message text that may be added to the messages 10 
as they are redirected. 

[0135] Assuming that the redirector program 242A is 
activated and has been configured by the userto replicate 
certain user data items (such as message A) to the mobile 
communications device 220, when the message A is re- « 
ceived at the messaging host system 231 , the redirector 
program 242A detects message A's presence. The user 
information in the store 254 and the filtering rules in the 
store 250 that are associated with the recipient, user B, 
are then used by the redirector 242A to determine how 20 
the message A should be handled. 
[01 36] Preferably, before the redirector program 242A 
begins preparing the message A for redirection, the re- 
director 242A examines the data item with respect to 
rules contained on the filtering agent 250 configurable 25 
by each mobile device user such as user B. The filtering 
agent 250 is essentially a database of rules that are to 
be applied for each user's incoming data items and is 
preferably accessible by the user via the World Wide Web 
in a filter web page 252. The filter web page 252 allows 30 
the user to access and select a plurality of filtering rules 
or any combination thereof to be applied to all incoming 
data items destined for that user. The web page 252 also 
preferably allows user B to switch between an active or 
a de-active state for the redirection of user B's incoming 35 
messages. This switching feature is particularly useful 
during instances where user B is at his desktop PC 202 
and accessing his inbox of the local store 236 and desires 
that the redirection of incoming mail to his mobile device 
220 be temporarily deactivated. Such deactivation may 40 
be automatically initiated when the device 220 is con- 
nected to the desktop 202 via serial connection 203 for 
example. The types of filtering rules that may be available 
to the user include: sender(s); how addressed (To, CC, 
BCC); subject keyword(s); message keyword(s); and im- 45 
portance (high, low, normal). Data items that do not clear 
the filtering rules are marked as "handled" by the redi- 
rector program 242A in the data item store 236, and are 
not further handled by the redirector 242A. 
[0137] The filter agent 250 is preferably stored at the so 
messaging host system 231 , but may instead be stored 
at any location accessible to the redirector 242A. As de- 
scribed above, the filter agent may be integrated with the 
user information store 254. 

[0138] Also accessible by the redirector program 242A 55 
is a user profile database 254, which includes the address 
of the user's mobile data communication device 220, the 
user's SMTP address, the type of device 220, and wheth- 



38 

er the device 220 can accept certain types of attach- 
ments, such as word processing or voice attachments. 
The user information may be preferably created, updated 
and removed via a user administration arrangement 261 . 
Although user administration functions may be provided 
through Web page 256 as shown in FIG. 13, for example, 
since the redirector 242A is incorporated into the mes- 
saging host system 231 , and user administration is nor- 
mally access-restricted to th e system adm i n istrato r of th e 
messaging host system, redirector user administration 
is preferably integrated with the administration functions 
of messaging host system 231 . The messaging system 
administrator preferably has a switch control feature to 
deactivate or activate redirection of the data items from 
the host system 231 that takes precedence over the us- 
er's selection on web page 252. This, advantageously, 
allows the system administerto maintain control overthe 
value-added service described herein. The administrator 
may also set global filtering rules to be applied to data 
items for all redirector users. 

[0139] If the user's type of mobile device 220 cannot 
accept certain types of attachments, then the redirector 
program 242A can be configured to route the attach- 
ments to a fax or voice number where the user is located. 
The user may provide such information details to the re- 
director program 242A via a return message. 
[0140] After the redirector program 242A has deter- 
mined that a particular message should be redirected, 
the message is preferably compressed and encrypted. 
A symmetric key or public key encryption scheme may 
be used. In a symmetric key scheme, the keys may be 
generated by the redirector 242A, the desktop 202 or the 
device 220 and distributed to orf rom the device via serial 
connection 203 and a secure transfer mechanism such 
as IMAP over SSL, as described above. When a public 
key encryption scheme is used, the public key for the 
user of the mobile device is stored in a key repository 
205 (FIG. 14) and can be accessed by the redirector 
242A. Although FIG. 14 shows key generation at the re- 
director 242A, the user's private key is preferably gener- 
ated either at the mobile device 220 or at the desktop PC 
202, since the private key is then either already on the 
device 220 or must be transferred only overthe connec- 
tion 203. After a data item such as message A has been 
compressed and encrypted, the redirector program 242A 
preferably packages the data item as a message with an 
outer envelope A' that contains addressing information 
of the mobile device 220. The wireless gateway 260 re- 
quires this outer envelope information A' in orderto know 
where to send the redirected message A. The mobile 
device 220 removes the outer envelope A' and decrypts 
the message using the appropriate key and decompress- 
es the decrypted message to recover the original data 
item, message A. 

[0141] If the redirected user data item is an E-mail mes- 
sage, as described above, then the user at the mobile 
device 220 sees the original subject line, sender's ad- 
dress, destination address, and carbon copy address. 
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Preferably and desirably, the redirection of the E-mail 
message A is transparent to the mobile communication 
device user. When the user, at the mobile device 220, 
replies to message A, orwhen the user composes a new 
message (a reply or a new message collectively referred 5 
to as "message B"), the new message is compressed, 
encrypted and repackaged in a similar outer envelope 
(message B') to cause message B to be routed to the 
redirector 242A via the wireless network 222, wireless 
gateway 260 and internet or other WAN connection 258. 10 
The redirector 242A then removes the outer envelope 
B', decrypts and decompresses the message B and 
repackages message B as message B" where necessary 
to direct message B" to its final destination, such as user 
A's PC desktop 204. ?s 
[0142] The general flow of a data item from a mobile 
device 220 to an addressee is shown as a dotted line in 
FIGs. 14 and 15. The removal of the outer envelope B' 
and repackaging of message B into envelope B" results 
in the outgoing message B" from the messaging host 20 
system 231 being sent using the E-mail address of the 
user's mailbox on messaging host system 231 , rather 
than the address of the mobile device 220. Thus, it ap- 
pears to the recipient of the message B" that the mes- 
sage originated from the user's desktop system 202 or 25 
from the messaging host system 231 itself (as would be 
the case of a web-based E-mail hosting system) rather 
than the mobile data communication device 220. This is 
accomplished by the redirector 242 modifying 
the "from" and "reply to" identifiers associated with the 30 
message B to now have the SMTP address of user B's 
messaging host system 231 E-mail account. Advanta- 
geously, any replies to the message B" will then be sent 
to user B's inbox on messaging host system 231 , which, 
if it is still in redirector mode, will repackage the reply and 35 
resend it to user B's mobile data device 220, as described 
above. 

[0143] In the integrated messaging/redirector system 
231 , a copy of message B is redirected to user B's inbox 
in the local store 236 for retrieval and access by user B 40 
at some later time. In doing so, the redirector program 
242A preferably repackages message B as message B'" 
so as to have modified addressing information. In this 
preferred instance, the modified addressing information 
would include changing the "from" header information to 45 
indicate that the message was sent from mobile commu- 
nications device. This message B"' is forwarded, possibly 
through the mail handler 232, to the local store 236. 
[01 44] As described above, the integrated messaging/ 
redirection host system 231 is preferably configured as so 
an ISP or an ASP. Here, the system 231 includes a send- 
mail daemon 232, which would forward the copy B'" to 
the local data item store 236 by a local delivery agent 
(not shown). A user may preferably configure his local 
inbox of data items at the desktop 202 to store such copy 55 
messages in a specific inbox for mobile data communi- 
cations device data items. However, in the illustrative ex- 
ample of messaging host system 231 configured to re- 
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direct all incoming data items, message B"' is redirected 
(not shown) to redirector 242A. The redirector is prefer- 
ably programmed to detect that the message B'" is a 
redirection of message B"' sent therefrom. As such, the 
redirector ignores this re-redirected message. Alterna- 
tively, the mail handler232 at the messaging host system 
231 may be configured to detect such messages and to 
not redirect such messages. Since the redirector 242A 
is integrated with the messaging host system 231, this 
re-redirection of the copy data items is more easily avoid- 
ed than in the above two-host systems. For example, in 
implementations where the redirector 242A directly ac- 
cesses the local message store to detect new data items, 
it could be configured to quickly identify and ignore such 
copy messages. 

[0145] The operation of the redirector program 242A 
is substantially as shown in the flow chart of FIG. 8 and 
described above. Although the communications between 
the messaging and redirector components within the 
messaging host system 231 and the specific configura- 
tions thereof are somewhat different than in the above 
two-host system, once a new message for redirection is 
detected, redirection operations proceed as shown in 
FIG. 8. 

[0146] The redirection system shown in FIGs. 14 and 
15 provides for secure communications between a mo- 
bile device 220 and the messaging host system 231 . A 
significant advantage of such a system is that data item 
redirection does not compromise any security measures 
which may be implemented by an ISP or ASP to protect 
data items stored on a messaging system or server. As 
stated above, although the following detailed description 
is based primarily on an illustrative example of ISPs, 
those skilled in the art will appreciate that similar arrange- 
ments may be implemented for ASPs. 
[0147] In the two-host system described above, data 
items are sent in the clear between the messaging host 
system 230 and the wireless redirector host system 240. 
Even though access to such data items on the messaging 
host system 230 may be restricted by an ISP through 
firewall arrangements and logon scripts forexample, data 
items sent from the messaging host system 230 to the 
redirector host system 240 may be intercepted. With the 
secure integrated messaging/redirector system 231 
shown in FIGs. 14 and 15 however, data items are secure 
between the ISP system andthe mobile device 220. Even 
if these encrypted data items are intercepted, they are 
encrypted and therefore cannot be read. Where such a 
strong encryption algorithm as triple-DES (Data Encryp- 
tion Standard) is used, decryption of such intercepted 
data items is computationally infeasible. The protection 
inherent in the ISP arrangements is therefore not com- 
promised by redirection of data items. In the above ex- 
ample, firewall and logon protection are thereby effec- 
tively extended to the mobile device 220. This feature of 
the integrated messaging/redirection host system 231 
may be particularly important for certain groups of users 
having E-mail accounts on the same ISP. Members of a 
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work group for example would be assured that inter- 
group messages maintain the same level of security 
whether a member receives such messages on a desk- 
top system or a mobile communication device. 
[01 48] Where the redirector 242A is integrated with a 5 
messaging host system 231 , redirection will typically be 
provided only forthe particular service provideroperating 
the messaging host system 231 . However, the redirector 
242A may be implemented with a distributed processing 
architecture, as shown in FIG. 1 6, to provide for redirec- 10 
tion of data items for users on multiple domains hosted 
by the ISP, indicated as 233, 233a and 233b in FIG. 1 6. 
As described above in conjunction with FIGs. 9 and 1 0, 
the redirector program 242A may comprise multiple re- 
director send agents 245 and associated redirector re- « 
ceive agents 249, a pair of which can be hosted on sep- 
arate redirector agent host servers 243, thereby provid- 
ing for scaleable and easily configurable multiple-domain 
redirection. Asingle redirector agent host servercan sup- 
port several pairs of send and receive agents, each pair 20 
of agents preferably serving a domain site. In some im- 
plementations, more than one send/receive agent pair 
may serve a particular domain. It is also contemplated 
that a domain may be served by different numbers of 
send agents and receive agents. 25 
[0149] The mapping of redirector host servers to do- 
mains and the configuration of redirector agents are ac- 
complished via the administration arrangement 261 for 
the administration information database 259. Since the 
redirector is integrated with the messaging system, redi- 30 
rector administration 257 and redirector user administra- 
tion 261 are preferably integrated within the messaging 
system. If remote administration of system 231 is desired, 
to allow users to access information in the user informa- 
tion store 254 for example, these administration functions 35 
may also be provided through web-based interfaces, as 
described above. The interface to site information in the 
database 255 is shown as internal to the messaging host 
system 231, since the ISP is hosting such sites, although 
a web-based interface may be provided where site man- 40 
agers represent ISP-hosted internet domains and man- 
age corresponding site information records. User filter 
rules may be established by each user as described 
above and access to the filter agent 250 is therefore pref- 
erably provided through the web-based interface 252. 45 
[0150] A mobile device user, when provided with an 
account, can preferably access the user information da- 
tabase 254 via web based user administration page (not 
shown), in orderto update fields of their user information 
record for which they have authority. For instance, a user so 
might wish to override a default E-mail tag line, thereby 
enabling the above tag-line customization feature. The 
user might also wish to override a default domain name 
based E-mail address by specifying an SMTP address, 
thereby enabling domain-massaging. 55 
[0151] The system of FIG. 16 operates substantially 
as described above, except that new messages are re- 
trieved from the local data item store 236 in the integrated 
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messaging/redirection system in the messaging host 
system 231 . The redirector send and receive agents can 
access the local store 236, such that the wireless data 
item store 248 is no longer required. Otherwise, the dis- 
tributed system operates as described above. 
[0152] As illustrated in FIG. 17, the system of FIG. 16 
advantageously permits an ISP, such as ISP A 700, to 
provide wireless redirection for its customer base and 
customized single E-mail address transparency for a plu- 
rality of companies, such as Company A and Company 
B, by managing a distinct site for each company, in this 
case ISP A site 71 0, Company A site 71 2, and Company 
B site 714. Mobile device users associated to each of 
those sites can configure their E-mail tag lines and E- 
mail addressees obtained by juxtaposing their E-mail 
name and their custom site's domain name, by taking 
advantage of the domain-massaging and tag line cus- 
tomization features. Secure communications between 
the redirector 242A and any mobile devices in accord- 
ance with an aspect of the invention may be particularly 
important to such ISP clients as Company A and Com- 
pany B. 

[0153] Although the integrated messaging/redirection 
system has been described above primarily in the context 
of providing for data item redirection for only asingle ISP, 
including any domains hosted by the ISP, an ISP may 
extend its redirection services to other ISPs. Such an 
arrangement would effectively be a hybrid between the 
two-host system such as shown in FIG. 6 and the inte- 
grated system as shown for example in FIG. 14. The 
overall system diagram would be substantially as shown 
in FIG. 6, although the second host system 240 would 
be an integrated messaging/redirection system 240A as 
shown in FIG. 1 8. In such a system, the integrated ) mes- 
saging/redirection host system 240A provides messag- 
ing and redirection services to it own users 202 and 202a, 
while also providing redirection services for a different 
host system such as 230, having users such as 202b. 
[0154] The messaging host system 230 is configured 
so as to forward a copy of incoming data items destined 
for the inbox of a user such as 202b to the integrated 
messaging/redirection host system 240A for redirection 
to the user's mobile device 220. Data items destined for 
users of the messaging host system 230 having a mobile 
communication device are thereby continuously 
"pushed" to the integrated host system 240A as they ar- 
rive at the messaging host system 230. Upon arrival at 
the integrated host system 240A, the redirector 242 at 
the system 240A determines whether such data items 
are user-selected data items to be pushed to the user's 
mobile communications device 220. 
[0155] The integrated host system 240A acts not only 
as an ISP and redirector for its own users and possibly 
users of domains hosted by the ISP, shown as 202 and 
202a, but also as a gateway for data items received from 
the first host system 230 through the Internet 21 8 or other 
WAN. Redirection of data items destined for host 240A 
users such as 202 and 202a proceeds as described 
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above, with the redirector 242 having direct access to 
the local data item store 236. The data or message flows 
relating to such redirection have therefore not been 
shown in FIG. 1 8. The solid and dashed lines respectively 
indicate the flows for data items A forwarded from the 5 
first host system 230 and data items B originating at a 
mobile device 220 for a user of the first host system 230. 
[01 56] The integrated host system 240A preferably in- 
cludes, along with the typical hardware and software as- 
sociated with an Internet gateway, the redirector 242 10 
which itself may include a mail handler (not shown), pref- 
erably a sendmail daemon (not shown), and a local de- 
livery agent (not shown), a plurality of wireless mail stores 
248 (preferably one for each mobile user such as user 
202b associated with an external ISP), a filter database « 
250, and a mobile user profile database 254. 
[0157] This configuration is intended to be as non-ob- 
trusive as possible to the messaging host system 230. 
The messaging host system 230 may be configured in 
many ways to detect such messages, as described 20 
above. For example, using the ".forward" file 238, new 
data items are detected and forwarded to the integrated 
host system 240A. Other methods of detecting and for- 
warding new data items destined for a user having a mo- 
bile communications device 220 could also be used. 25 
[01 58] If the redirector242 is activated atthe integrated 
host system 240A, and has been configured by the user 
to replicate certain user data items (such as message A) 
to the mobile communications device 220, when the mes- 
sage A is received at the integrated host system 240A, 30 
the redirector program 242 detects message A and pre- 
pares the message for a second redirection to the mobile 
device 220. As described above, the message may be 
compressed and encrypted before being repackaged in- 
to an outer envelope for redirection through the wireless 35 
gateway 260 and wireless network 222 to the mobile de- 
vice 220. The mobile device then removes the outer en- 
velope, decompresses and decrypts received data items 
as required. 

[0159] Users such as 202 and 202a, "native" to the 40 
integrated host 240A, may be configured for redirection 
by a system 240A administrator, through the internal user 
administration 261. External redirection users such as 
202b would preferably be configured with a web-based 
user administration tool 256. However, the ISP or oper- 45 
ator of the integrated system 240A may also maintain at 
least partial control over the administration of external 
users through either the web-based administration tool 
256 or internal administration arrangement 261 . It is con- 
templated that administrative functions for external redi- so 
rection users may require coordination between admin- 
istrators of the integrated host system 240A and the ex- 
ternal host system 230. 

[01 60] The filtering rules stored by filter agent 250 are 
established by each user 202, 202a, 202b through the 55 
web-based interface 252. Regardless of whether a user 
is native or external to the ISP operating the integrated 
host 240A, once the user has been configured by system 
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administrators to enable redirection functions, filter rules 
may be established via the preferably secure web inter- 
face 252 and stored to filter agent 250. 
[01 61 ] When a user of host system 230 has been con- 
figured for redirection of data items to a mobile device 
220 through the integrated system 240A, the redirector 
242 operates substantially as described above and 
shown in FIG. 8 to redirect data items to and from the 
user's mobile device 220. 

[0162] Since the redirector 242 is integrated with a 
messaging system in the system shown in FIG. 18, the 
existing messaging system components such as the mail 
handler 232, delivery agents (not shown) and data item 
store 236 may be used by the redirector and the first host 
system 230 to communicate redirected data items. Such 
a system is shown in FIG. 19. The redirector 242A, as 
described above, need not incorporate its own mail han- 
dler in this embodiment, as described above. Redirected 
data item transfer is accomplished through the mail han- 
dler 232 and delivery agents (not shown) in the integrated 
host system 240B. A further advantage of the integrated 
host system 240B in FIG. 19 is that the redirector 242A 
directly accesses the local data item store 236, thereby 
simplifying new data item detection and eliminating the 
wireless data item store 248. 

[0163] Having described in detail several preferred 
embodiments of the present invention, including pre- 
ferred methods of operation, it is to be understood that 
this operation could be carried out with different elements 
and steps. Many variations on the invention will be obvi- 
ous to those knowledgeable in the field, and such obvious 
variations are within the scope of the invention as 
claimed. 

[0164] For example, further security measures maybe 
implemented to provide for end-to-end secure data item 
transfer, including redirection. Communications between 
a messaging host system such as 230 and a wireless 
redirector host system 240, 240A, 240B, may be protect- 
ed by using a secure E-mail scheme such as so-called 
Pretty Good Privacy® (PGP®). Alternatively, the public 
key encryption arrangements described above may also 
be extended to provide for secure communications be- 
tween any sender (including a sender such as user A, 
external to the messaging host system 230, 231 ) and the 
messaging host system 230, 231 or integrated host sys- 
tem 240A, 240B. In such systems, the redirector may 
simply repackage a received encrypted data item for for- 
warding to or from a mobile device, since the data item 
has already been encrypted. 

[0165] Also, although the system diagrams show mul- 
tiple connections between the various components, 
those skilled in the art will appreciate that such connec- 
tions are intended primarily to illustrate dataflows. In ac- 
tual system implementations, data item transfer between 
the redirector 242A and the local data item store 236 may 
be accomplished using a single connection. Similarly, 
the redirector 242, 242A is preferably connected to the 
wireless gateway 260 through a single connection. This 
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single connection is most preferably maintained open 
when established, thereby providing for near real-time 
data item redirection and "always on, always connect- 
ed"® functionality for all mobile devices 220. 



determining whether a new data item has been 
received atthe messaging host system (230)for 
a particular user; and 

checking a forwarding file coupled to the mes- 
saging host system (230) to determine whether 
the particular user's data items should be redi- 
rected to the redirector host system (240). 



A method of redirecting data items from a messaging 
host system (230) to a user's mobile device (220), 
comprising the steps of: 

detecting a new data item for the user at the 
messaging host system (230); 
forwarding a copy of the new data item to a re- 
director host system (240); 
determining whether the new data item should 
be redirected from the redirector host system 
(240) to the user's mobile device (220); 
if the new data item should be redirected, then 20 

encrypting the new data item to form an en- 
crypted new data item using a cipher algo- 
rithm and an encryption key; and 
packaging the encrypted new data item into 25 
an electronic envelope and 

transmitting the electronic envelopeto the user's 
mobile device (220); 

receiving the electronic envelope at the user's 30 
mobile device (220); 

extracting the encrypted new data item from the 
electronic envelope; and 
decrypting the encrypted new data item to re- 
coverthe new data item using acipheralgorithm 35 
and a decryption key; 



4. The method of claim 3, wherein the forwarding file 
includes a list of system addresses where the user's 
data items should be forwarded by the messaging 
host system (230). 

5. The method of claim 1 , fu rther comprising the steps 



providing an inbox for the user, wherein the in- 
box is coupled to the messaging host system 
(230); and 

forwarding a copy of the new data item to the 
user's inbox on the messaging host system 
(230). 

6. The method of claim 1 , fu rther comprising the steps 



configuring a set of filtering rules for use by the 
redirector host system (240) in determining 
whetherthe new data item should be redirected 
to the user's mobile device (220); and 
providing an access mechanism that allows the 
user to remotely configure and reconfigure the 
set of filtering rules. 

7. The method of claim 1 , fu rther comprising the steps 



characterized by the steps of: 

generatingthe encryption key atacomputersys- 
tem (202) having a secure communications link 
with the mobiie device (220); 
forwarding the encryption key from the computer 
system (202) to the redirector host system (240) 
using a secure message transfer; 
generating the decryption key at the computer 
system (202); and 

forwarding the decryption key from the computer 
system (202) to the mobile device (220) using 
the secure communications link. 

2. The method of claim 1 , furthercomprisingthe step of: 

storing the new data item in a user's inbox cou- 
pled to the messaging host system (230). 

3. The method of claim 1 , wherein the detecting step 
includes the steps of: 



configuring a user profile database for use by 
the redirector host system (240) in determining 
whetherthe new data item should be redirected 
to the user's mobile data device (220); and 
providing an access mechanism that aiiows a 
system administrator of the messaging host sys- 
tem (230) to remotely configure and reconfigure 
the user profile database. 

The method of claim 1 , further comprising the step 



storing the new data item within a memory of 
the mobile device (220). 

The method of claim 1 , wherein the step of forward- 
ing the decryption key comprises: 

sending the decryption key to the mobile device 
(220) over a serial connection (203) between 
the computer system (202) and the mobile de- 
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vice (220). 

10. The method of claim 1, further comprising the steps 
of: 

generating a private key to be used as the de- 
cryption key at the computer system (202); 
forwarding the private key from the computer 
system (202) to the mobile device (220) using 
the secure communications link; 
generating a public key to be used as the en- 
cryption key at the computer system (202); and 
forwarding the public key from the computer sys- 
tem (202) to a public key repository (205). 

11. The method of claim 10,furthercomprisingthestep 
of: 

forwarding the public key from the computer sys- 
tem (202) to the redirector host system (240). 

12. The method of claim 1, further comprising the steps 
of: 

preparing a reply data item at the mobile device 
(220) that is related to the new data item; 
encrypting the reply data item at the mobile de- 
vice (220) to form an encrypted reply data item; 
and 

packaging the encrypted reply data item into an 
electronic envelope and transmitting the elec- 
tronic envelope to the redirector host system 
(240). 

1 3. The method of claim 1 2, wherein the electronic en- 
velope packaged with the encrypted reply data item 
is addressed using an electronic address of the re- 
director host system (240). 

1 4. The method of claim 1 3, further comprising the steps 
of: 

extracting the encrypted reply data item from the 
electronic envelope at the redirector host sys- 
tem (240); 

decrypting the extracted, encrypted reply data 
item to recover the reply data item; 
reconfiguring addressing information associat- 
ed with the reply data item; and 
transmitting the reconfigured reply data item to 
the messaging host system (230). 

1 5. The method of claim 1 4, further comprising the steps 
of: 

receiving the reconfigured reply data item at the 

messaging host system (230); and 

storing the reply data item in a user's inbox cou- 
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pled to the messaging host system (230). 

16. The method of claim 13,furthercomprisingthesteps 
of: 

extracting the encrypted reply data item from the 
electronic envelope at the redirector host sys- 
tem (240); 

decrypting the extracted, encrypted reply data 
item to recover the reply data item; 
reconfiguring addressing information associat- 
ed with the reply data item; and 
transmitting the reconfigured reply data item to 
a destination system using an electronic ad- 
dress included in the reply data item. 

17. The method of claim 1 , fu rther comprising the steps 
of: 

providing the user's mobile device (220) with an 
interface to a wireless data network (222); 
forwarding the electronic envelope from the re- 
director host system (240) to a wireless gateway 
system (260); and 

transmitting the electronic envelope from the 
wireless gateway system (260) to the user's mo- 
bile device (220) using the wireless data network 
(222). 

18. The method of claim 1 , fu rther comprising the steps 
of: 

transmitting a deactivation message from the 
user to the redirector host system (240); and 
upon receiving the deactivation message, pro- 
hibiting the redirection of data items for the user 
sending the deactivation message. 

19. The method of claim 1 , wherein the determining step 
includes the steps of: 

accessing a user profile database including a 
list of authorized users; and 
checking whether the user associated with the 
new data item is an authorized userto determine 
whetherthe new data item should be redirected 
to the user's mobile device (220). 

20. The method of claim 1 , wherein the determining step 
includes the steps of: 

accessing a filter rules database including a list 
of filters to be applied to data items for a partic- 
ular user; and 

applying the filters to the new data item to de- 
termine whether the new data item should be 
redirected to the user's mobile device (220). 
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21 . The method of claim 1 , wherein the packaging step 
includes the step of addressing the electronic enve- 
lope using the electronic address of the user's mobile 
device (220). 

5 

22. The method of claim 1 , wherein the data items are 
E-mail messages, and wherein the messaging host 
system (230) is an E-mail host system. 

23. The method of claim 1, wherein the user's mobile 10 
device (220) is a laptop computer. 

24. The method of claim 1, wherein the user's mobile 
device (220) is a two-way paging computer. 

25. The method of claim 24, wherein the two-way paging 
computer includes a wireless network interface for 
communicating with the redirector host system (240) 
via a wireless data network (222). 

20 

26. The method of claim 25, wherein the redirector host 
system (240) is coupled to the wireless data network 
(222) via a wireless gateway system (260). 

27. The method of claim 26, wherein the electronic en- 25 
velope is addressed using the wireless data network 
address of the two-way paging computer. 

28. The method of claim 1 , wherein the messaging host 
system (230) is an Internet Service Provider. 30 

29. The method of claim 28, wherein the data items are 
E-mail messages, and wherein the Internet Service 
Provider includes a mail server program. 

35 

30. The method of claim 29, wherein the Internet Service 
Providerfurther includes a forwarding database cou- 
pled to the mail server program for detecting whether 
a new data item received at the mail server should 

be forwarded to a redirector host system (240), and 40 
for determining the electronic address of that redi- 
rector host system (240). 

31 . The method of claim 1 , wherein the messaging host 
system (230) and the redirector host system (240) 45 
are coupled via the Internet (21 8). 

32. The method of claim 1 , wherein the redirector host 
system (240) includes a further messaging host sys- 
tem, so 

33. The method of claim 1 , wherein the redirector host 
system (240) is incorporated with the messaging 
host system. 

55 

34. The method of claim 6, wherein the access mecha- 
nism for remotely configuring and reconfiguring the 
filtering rules is a web-page interface. 
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35. The method of claim 7, wherein the access mecha- 
nism for remotely configuring and reconfiguring the 
user profile database is a web-page interface. 

36. The method of claim 1 , further comprising the steps 
of: 

configuring a user profile database for use by 
the redirector host system (240) in determining 
whetherthe new data item should be redirected 
to the user's mobile data device (220); and 
storing, within the user profile database, the 
electronic address of the user's mobile device 
(220). 

37. The method of claim 36, further comprising the step 
of: 

storing, within the user profile database, infor- 
mation regarding the type and configuration of 
the user's mobile device (220). 

38. The method of claim 1 , wherein the packaging step 
further includes the steps of: 

converting the encrypted new data item into a 

compressed format; and 

placing the compressed new data item into an 

electronic envelope that is addressed using the 

electronic address of the user's mobile device 

(220). 

39. A system for redirecting data items from a messaging 
host system (230) to a user's mobile device (220), 
comprising 

means for detecting a new data item for the user 
at the messaging host system (230); 
means for forwarding a copy of the new data 
item to a redirector host system (240); 
means for determining whether the new data 
item shouid be redirected from the redirector 
host system (240) to the user's mobile device 
(220) and, if the new data item should be redi- 
rected, for activating: 

means for encrypting the new data item to 
form an encrypted new data item using a 
cipher algorithm and an encryption key; 
means for packaging the encrypted new da- 
ta item into an electronic envelope; and 
means for transmitting the electronic enve- 
lope to the user's mobile device (220); 

wherein the user's mobile device (220) comprises: 

means for receiving the electronic envelope; 
means for extracting the encrypted new data 



EP 1 284 570 B1 



26 



51 

item from the electronic envelope; and 
means decrypting the encrypted new data item 
to recover the new data item using a cipher al- 
gorithm and a decryption key; 

the system being characterized by: 

means for generating the encryption key at a 
computer system (202) having a secure com- 
munications link with the mobile device (220); 
means for forwarding the encryption key from 
the computer system (202) to the redirectorhost 
system (240) using a secure message transfer; 
means for generating the decryption key at the 
computer system (202); and 
means for forwarding the decryption key from 
the computer system (202) to the mobile device 
(220) using the secure communications link. 

40. The system of claim 39, wherein the means for for- 
warding the decryption key are configured to send 
the decryption key to the mobile device (220) over a 
serial connection (203) between the computer sys- 
tem (202) and the mobile device (220). 

41. The system of claim 39, further comprising: 

means for generating a private key to be used 
as the decryption key at the computer system 
(202); 

means for forwarding the private key from the 
computer system (202) to the mobile device 
(220) using the secure communications link; 
means for generating a public key to be used as 
the encryption key at the computer system 
(202); and 

means for forwarding the public key from the 
computersystem (202) to a public key repository 
(205). 

42. The system of claim 41 , further comprising: 

means for forwarding the public key from the 
computer system (202) to the redirector host 
system (240). 



Patentanspruche 

1. Verfahren zum Umleiten bzw. Weiterleiten von Da- 
tenelementen von einem Messaging-Hostsystem 
(230) an eine mobile Vorrichtung (220) eines Benut- 
zers, das die Schritte aufweist: 

Erfassen eines neuen Datenelements fur den 
Benutzeran dem Messaging-Hostsystem (230); 
Weiterleiten einer Kopie des neuen Datenele- 
ments an ein Redirector-Hostsystem (240); 
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Bestimmen, ob das neue Datenelement von 
dem Redirector-Hostsystem (240) an die mobile 
Vorrichtung (220) des Benutzers urn- bzw. wei- 
tergeleitet werden soil; 
5 wenn das neue Datenelement urn- bzw. weiter- 

geleitet werden soil, dann 

Verschliisseln des neuen Datenelements, 
um ein verschliisseltes neues Datenele- 
10 ment zu bilden, unter Verwendung eines 

Chiffrieralgorithmus und eines Verschliis- 
selungsschliissels; und 
Verpacken des verschlusselten neuen Da- 
tenelements in einen elektronischen Urn- 
's schlag und Ubertragen des elektronischen 
Umschlags an die mobile Vorrichtung (220) 
des Benutzers; 

Empfangen des elektronischen Umschlags an 
20 der mobilen Vorrichtung (220) des Benutzers; 

Extrahieren des verschlusselten neuen Daten- 
elements aus dem elektronischen Umschlag; 
und 

Entschliisseln des verschlusselten neuen Da- 
25 tenelements, um das neue Datenelement wie- 

derherzustellen, unter Verwendung eines Chif- 
frieralgorithmus und eines Entschlusselungs- 
schlussels; 

30 charakterisiert durch die Schritte: 

Erzeugen des Verschliisselungsschliissels an 
einem Computersystem (202), das eine sichere 
Kommunikationsverbindung mit der mobilen 
35 Vorrichtung (220) hat; 

Weiterleiten des Verschlusselungsschliissels 
von dem Computersystem (202) an das Redi- 
rector-Hostsystem (240) unter Verwendung ei- 
ner sicheren Nachrichtenubertragung; 
40 Erzeugen des Entschliisselungsschliissels an 

dem Computersystem (202); und 
Weiterleiten des Entschiusseiungsschiusseis 
von dem Computersystem (202) an die mobile 
Vorrichtung (220) unter Verwendung dersiche- 
45 ren Kommunikationsverbindung. 

2. Verfahren gemaG Anspruch 1, dasweiterden Schritt 
aufweist: 

so Speichern des neuen Datenelements in einem 

Eingangsfach bzw. einer Inbox des Benutzers, 
das/die mit dem Messaging-Hostsystem (230) 
verbunden ist. 

55 3. Verfahren gemaG Anspruch 1, wobei der Erfas- 
sungsschritt die Schritte umfasst: 

Bestimmen, ob ein neues Datenelement an dem 
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Messaging-Hostsystem (230) fur einen be- 
stimmten Benutzer empfangen wurde; und 
Uberprufen einer mit dem Messaging-Hostsy- 
stem (230) verbundenen Weiterleitungsdatei, 
urn zu bestimmen, ob die Datenelemente des 
bestimmten Benutzers an das Redirector-Host- 
system (240) um- bzw. weitergeleitet werden 
sollen. 

4. Verfahren gemaR Anspruch 3, wobei die Weiterlei- 
tungsdatei eine Liste von Systemadressen umfasst, 
an welche die Datenelemente des Benutzers von 
dem Messaging-Hostsystem (230) weitergeleitet 
werden sollen. 

5. Verfahren gemaRAnspruch 1 , dasweiterdieSchritte 
aufweist: 

Vorsehen einer Inbox fur den Benutzer, wobei 
die Inboxmitdem Messaging-Hostsystem (230) 
verbunden ist; und 

Weiterleiten einer Kopie des neuen Datenele- 
ments an die Inbox des Benutzers auf dem Mes- 
saging-Hostsystem (230). 

6. Verfahren gemaR Anspruch 1 , dasweiterdieSchritte 
aufweist: 

Konfigurieren eines Satzes von Filterregeln zur 
Verwendung durch das Redirector-Hostsystem 
(240) bei der Bestimmung, ob das neue Daten- 
element an die mobile Vorrichtung (220) des Be- 
nutzers um- bzw. weitergeleitet werden soil; und 
Vorsehen eines Zugriffsmechanismus, der dem 
Benutzer ermoglicht, den Satz von Filterregeln 
aus der Entfernung zu konfigurieren und neu zu 
konfigurieren. 

7. Verfahren gemaR Anspruch 1 , dasweiterdieSchritte 
aufweist: 

Konfigurieren einer Benutzerprofii-Datenbank 
zur Verwendung durch das Redirector-Hostsy- 
stem (240) bei der Bestimmung, ob das neue 
Datenelement an die mobile Vorrichtung (220) 
des Benutzers um- bzw. weitergeleitet werden 
soil; und 

Vorsehen eines Zugriffsmechanismus, der ei- 
nem Systemadministratordes Messaging-Host- 
systems (230) ermoglicht, die Benutzerprofii- 
Datenbank aus der Entfernung zu konfigurieren 
und neu zu konfigurieren. 

8. Verfahren gemaR Anspruch 1 , das weiterden Schritt 
aufweist: 

Speichern des neuen Datenelements in einem 
Speicher der mobilen Vorrichtung (220). 
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9. Verfahren gemaR Anspruch 1 , wobei der Schritt des 
Weiterleitens des Entschlusselungsschlussels um- 



5 Senden des Entschlusselungsschlussels an die 

mobile Vorrichtung (220) iiber eine serielle Ver- 
bindung (203) zwischen dem Computersystem 
(202) und der mobilen Vorrichtung (220). 

10 10. Verfahren gemaRAnspruch 1, dasweiterdieSchritte 
aufweist: 

Erzeugen eines privaten Schlussels an dem 
Computersystem (202), der als der Entschlus- 
is selungsschlussel verwendet werden soil; 

Weiterleiten des privaten Schlussels von dem 
Computersystem (202) an die mobile Vorrich- 
tung (220) unter Verwendung dersicheren Kom- 
munikationsverbindung; 
20 Erzeugen eines offentlichen Schlussels an dem 

Computersystem (202), der als der Verschliis- 
selungsschliissel verwendet werden soil; und 
Weiterleiten des offentlichen Schlussels von 
dem Computersystem (202) an ein Depot (205) 
25 fijr offentliche Schliissel. 

11. Verfahren gemaR Anspruch 10, das weiter den 
Schritt aufweist: 

30 Weiterleiten des offentlichen Schlussels von 

dem Computersystem (202) an das Redirector- 
Hostsystem (240). 

12. Verfahren gemaRAnspruch 1, dasweiterdieSchritte 
35 aufweist: 

Vorbereiten eines Antwortdatenelements, das 
sich auf das neue Datenelement bezieht, an der 
mobilen Vorrichtung (220); 
40 Verschliisseln des Antwortdatenelements an 

der an der mobilen Vorrichtung (220), um ein 
verschiusseites Antwortdateneiement zu bii- 
den; und 

Verpacken des verschliisselten Antwortdaten- 
45 elements in einen elektronischen Umschlag und 

Ubertragen des elektronischen Umschlags an 
das Redirector-Hostsystem (240). 

13. Verfahren gemaB Anspruch 12, wobei der elektro- 
50 nische Umschlag, mit dem das verschlusselte Ant- 
wortdateneiement verpackt ist, unter Verwendung 
einer elektronischen Adresse des Redirector-Host- 
systems (240) adressiert ist. 

55 14. Verfahren gemaR Anspruch 13, das weiter die 
Schritte aufweist: 

Extrahieren des verschliisselten Antwortdaten- 
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elements aus dem elektronischen Umschlag an 
dem Redirector-Hostsystem (240); 
Entschlusseln des extrahierten verschliisselten 
Antwortdatenelements, urn das Antwortdaten- 
element wiederherzustellen; 
Neukonfigurieren einer Adressierungsinforma- 
tion, die zu dem Antwortdatenelement gehort; 

Gbertragen des neu konfigurierten Antwortda- 
tenelements an das Messaging-Hostsystem 
(230). 

15. Verfahren gemaB Anspruch 14, das weiter die 
Schritte aufweist: 

Empfangen des neu konfigurierten Antwortda- 
tenelements an dem Messaging-Hostsystem 
(230); und 

Speichern des Antwortdatenelements in einer 
Inbox eines Benutzers, die mit dem Messaging- 
Hostsystem (230) verbunden ist; 

16. Verfahren gemaB Anspruch 13, das weiter die 
Schritte aufweist: 

Extrahieren des verschliisselten Antwortdaten- 
elements aus dem elektronischen Umschlag an 
dem Redirector-Hostsystem (240); 
Entschlusseln des extrahierten verschliisselten 
Antwortdatenelements, urn das Antwortdaten- 
element wiederherzustellen; 
Neukonfigurieren einer Adressierungsinforma- 
tion, die zu dem Antwortdatenelement gehort; 
und 

Gbertragen des neu konfigurierten Antwortda- 
tenelements an ein Zielsystem unter Verwen- 
dung einer elektronischen Adresse, die in dem 
Antwortdatenelement enthalten ist. 

17. Verfahren gemaB Anspruch 1 , das weiter die Schritte 
aufweist: 

Vorsehen der mobilen Vorrichtung (220) des 
Benutzers mit einer Schnittstelle zu einem 
drahtlosen Datennetzwerk (222); 
Weiterleiten des elektronischen Umschlags von 
dem Redirector-Hostsystem (240) an ein draht- 
loses Gateway-System (260); und 
Gbertragen des elektronischen Umschlags von 
dem drahtlosen Gateway-System (260) an die 
mobile Vorrichtung (220) des Benutzers unter 
Verwendung des drahtlosen Datennetzwerks 
(222). 

18. Verfahren gemaB Anspruch 1 , das weiter die Schritte 
aufweist: 

Gbertragen einer Deaktivierungsnachricht von 



Zugreifen auf eine Benutzerprofil-Datenbank, 
die eine Liste von autorisierten Benutzern um- 
fasst; und 

Uberprufen, ob der zu dem neuen Datenele- 
ment gehorende Benutzer ein autorisierter Be- 
nutzer ist, urn zu bestimmen, ob das neue Da- 
tenelement an die mobile Vorrichtung (220) des 
Benutzers um- bzw. weitergeleitet werden soli. 

20. Verfahren gemaB Anspruch 1, wobei der Bestim- 
mungsschritt die Schritte umfasst: 

Zugreifen auf eine Filterregel-Datenbank mit ei- 
ner Liste von Filtern, die auf Datenelemente fur 
einen bestimmten Benutzer anzuwenden sind; 
und 

Anwenden der Filter auf das neue Datenele- 
ment, um zu bestimmen, ob das neue Daten- 
element an die mobile Vorrichtung (220) des Be- 
nutzers um- bzw. weitergeleitet werden soil. 

21. Verfahren gemaB Anspruch 1, wobei der Verpak- 
kungsschritt den Schritt der Adressierung des elek- 
tronischen Umschlags unter Verwendung der elek- 
tronischen Adresse der mobilen Vorrichtung (220) 
des Benutzers umfasst. 

22. Verfahren gemaB Anspruch 1, wobei die Datenele- 
mente E-Mail-Nachrichten sind und wobei das Mes- 
saging-Hostsystem (230) ein E-Mail-Hostsystem ist. 

23. Verfahren gemaB Anspruch 1 , wobei die mobile Vor- 
richtung (220) des Benutzers ein Laptop-Computer 
ist. 

45 

24. Verfahren gemaB Anspruch 1, wobei die mobile Vor- 
richtung (220) des Benutzers ein Zweiweg-Paging- 
Computer ist. 

so 25. Verfahren gemaB Anspruch 24, wobei derZweiweg- 
Paging-Computer eine drahtlose Netzwerkschnitt- 
stelle zur Kommunikation mit dem Redirector-Host- 
system (240) liber ein drahtloses Datennetzwerk 
(222) umfasst. 

55 

26. Verfahren gemaB Anspruch 25, wobei das Redirec- 
tor-Hostsystem (240) mit dem drahtlosen Daten- 
netzwerk (222) uber ein drahtloses Gateway-Sy- 



dem Benutzer an das Redirector-Hostsystem 
(240); und 

bei Empfang der Deaktivierungsnachricht Ver- 
hindern der Umleitung von Datenelementen fur 
den Benutzer, der die Deaktivierungsnachricht 



19. Verfahren gemaB Anspruch 1, wobei der Bestim- 
mungsschritt die Schritte umfasst: 
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stem (260) verbunden ist. 

27. Verfahren gemaB Anspruch 26, wobei der elektro- 
nische Umschlag unter Verwendung derdrahtlosen 
Datennetzwerkadresse des Zweiweg-Paging-Com- 
puters adressiert wird. 

28. Verfahren gemaB Anspruch 1 , wobei das Messa- 
ging-Hostsystem (230) ein Internetdiensteanbieter 
ist. 

29. Verfahren gemaB Anspruch 28, wobei die Datenele- 
mente E-Mail-Nachrichten sind und wobei der Inter- 
netdiensteanbieter ein Mail-Serverprogramm um- 
fasst. 

30. Verfahren gemaB Anspruch 29, wobei der Internet- 
diensteanbieter weiter eine Weiterleitungs-Daten- 
bank umfasst, die mit dem Mail-Serverprogramm 
verbunden ist, urn zu erfassen, ob ein an dem Mail- 
Server empfangenes neues Datenelement an das 
Redirector-Hostsystem (240) weitergeleitet werden 
soil, und um die elektronische Adresse dieses Re- 
director-Hostsystems (240) zu bestimmen. 

31. Verfahren gemaB Anspruch 1, wobei das Messa- 
ging-Hostsystem (230) und das Redirector-Hostsy- 
stem (240) uber das Internet (21 8) verbunden sind. 



Konfigurieren einer Benutzerprofil-Datenbank 
zur Verwendung durch das Redirector-Hostsy- 
stem (240) bei der Bestimmung, ob das neue 
Datenelement an die mobile Vorrichtung (220) 
des Benutzers um- bzw. weitergeleitet werden 
soil; und 

Speichern der elektronischen Adresse der mo- 
bilen Vorrichtung (220) des Benutzers in der Be- 



nutzerprofil-Datenbank. 

37. Verfahren gemaB Anspruch 36, das weiter den 
Schritt aufweist: 

5 

Speichern einer Information hinsichtlich des 
Typs und der Konfiguration der mobilen Vorrich- 
tung (220) des Benutzers in der Benutzerprofil- 
Datenbank. 

10 

38. Verfahren gemaB Anspruch 1, wobei der Verpak- 
kungsschritt weiter die Schritte aufweist: 

Umwandeln des verschlusselten neuen Daten- 
is elements in ein komprimiertes Format; und 

Platzieren des komprimierten neuen Datenele- 
ments in einem elektronischen Umschlag, der 
unter Verwendung der elektronischen Adresse 
der mobilen Vorrichtung (220) des Benutzers 
20 adressiert ist. 

39. System zum Umleiten bzw. Weiterleiten von Daten- 
elementen von einem Messaging-Hostsystem (230) 
an eine mobile Vorrichtung (220) eines Benutzers, 

25 wobei das System aufweist 

Mittel zum Erfassen eines neuen Datenele- 
ments fur den Benutzer an dem Messaging- 
Hostsystem (230); 

Mittel zum Weiterleiten einer Kopie des neuen 
Datenelements an ein Redirector-Hostsystem 
(240); 

Mittel zum Bestimmen, ob das neue Datenele- 
ment von dem Redirector-Hostsystem (240) an 
die mobile Vorrichtung (220) des Benutzers um- 
bzw. weitergeleitet werden soil, und wenn das 
neue Datenelement um- bzw. weitergeleitet 
werden soli, zum Aktivieren von: 

Mitteln zum Verschliisseln des neuen Da- 
tenelements, um ein verschlusseltes neues 
Datenelement zu biiden, unter Verwendung 
eines Chiffrieralgorithmus und eines Ver- 
schlusselungsschlussels; 
Mitteln zum Verpacken des verschlusselten 
neuen Datenelements in einen elektroni- 
schen Umschlag; und 
Mitteln zum Ubertragen des elektronischen 
Umschlags an die mobile Vorrichtung (220) 
des Benutzers; 

wobei die mobile Vorrichtung (220) des Benutzers 
aufweist: 

Mittel zum Empfangen des elektronischen Um- 
schlags; 

Mittel zum Extrahieren des verschlusselten neu- 
en Datenelements aus dem elektronischen Um- 



32. Verfahren gemaB Anspruch 1 , wobei das Redirec- 30 
tor-Hostsystem (240) ein weiteres Messaging-Host- 
system umfasst. 

33. Verfahren gemaB Anspruch 1 , wobei das Redirec- 
tor-Hostsystem (240) gemeinsam mit dem Messa- 35 
ging-Hostsystem ausgebildet ist. 

34. Verfahren gemaB Anspruch 6, wobei der Zugriffs- 
mechanismus zum entfernten Konfigurieren und 
Neukonfigurieren der Filterregeln eine Webseiten- 40 
Schnittstelle ist. 

35. Verfahren gemaB Anspruch 7, wobei der Zugriffs- 
mechanismus zum entfernten Konfigurieren und 
Neukonfigurieren der Benutzerprofil-Datenbank ei- 45 
ne Webseiten-Schnittstelle ist. 

36. Verfahren gemaB Anspruch 1 , das weiter die Schritte 
aufweist: 

50 
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schlag; und 

Mittel zum Entschlusseln des verschliisselten 
neuen Datenelements, um das neue Datenele- 
ment wiederherzustellen, unterVerwendung ei- 
nes Chiffrieralgorithmus und eines Entschliisse- 5 
lungsschlussels; 



Revendications 

1. Precede de redirection d'articles de donnees d'un 
systeme note de messagerie (230) a un dispositif 
mobile d'utilisateur (220), comprenant les etapes 
consistant a : 



wobei das System charakterisiert ist durch: 

Mittel zum Erzeugen des Verschliisselungs- 10 
schlussels an einem Computersystem (202), 
das eine sichere Kommunikationsverbindung 
mit der mobilen Vorrichtung (220) hat; 
Mittel zum Weiterleiten des Verschlusselungs- 
schlussels von dem Computersystem (202) an « 
das Redirector-Hostsystem (240) unter Ver- 
wendung einer sicheren Nachrichtenijbertra- 

Mittel zum Erzeugen des Entschlusselungs- 
schlussels an dem Computersystem (202); und 20 
Mittel zum Weiterleiten des Entschliisselungs- 
schliissels von dem Computersystem (202) an 
die mobile Vorrichtung (220) unterVerwendung 
der sicheren Kommunikationsverbindung. 

25 

40. System gemaR Anspruch 39, wobei die Mittel zum 
Weiterleiten des Entschlusselungsschlussels konfi- 
guriert sind, den Entschliisselungsschlussel an die 
mobile Vorrichtung (220) iiber eine serielle Verbin- 
dung (203) zwischen dem Computersystem (202) 30 
und der mobilen Vorrichtung (220) zu senden. 

41. System gemaR Anspruch 39, das weiter aufweist: 

Mittel zum Erzeugen eines privaten Schlussels 35 
an dem Computersystem (202), der als der Ent- 
schliisselungsschlussel verwendetwerden soil; 
Mittel zum Weiterleiten des privaten Schlussels 
von dem Computersystem (202) an die mobile 
Vorrichtung (220) unter Verwendung der siche- 40 
ren Kommunikationsverbindung; 
Mittei zum Erzeugen eines offentiichen Schlus- 
sels an dem Computersystem (202), der als der 
Verschlusselungsschlussel verwendet werden 
soil; und 45 
Mittel zum Weiterleiten des offentiichen Schlus- 
sels von dem Computersystem (202) an ein De- 
pot (205) fur offentliche Schlussel. 

42. System gemaR Anspruch 41 , das weiter aufweist: so 

Mittel zum Weiterleiten des offentiichen Schlus- 
sels von dem Computersystem (202) an das Re- 
director-Hostsystem (240). 



detecter un nouvel article de donnees pour I'uti- 
lisateur au niveau du systeme hote de messa- 
gerie (230) ; 

transferer une copie du nouvel article de don- 
nees a un systeme hote redirecteur (240) ; 
determiner si le nouvel article de donnees doit 
etre redirige du systeme hote redirecteur (240) 
au dispositif mobile de I'utilisateur (220) ; 
si le nouvel article de donnees doit etre redirige, 
alors 

chiffrer le nouvel article de donnees pourformer 
un nouvel article de donnees chiffre en utilisant 
un algorithme de chiffrement et une cle de 
chiffrement ; et 

envelopper le nouvel article de donnees chiffre 
dans une enveloppe electronique ettransmettre 
I'enveloppe electronique au dispositif mobile de 
I'utilisateur (220) ; 

recevoir I'enveloppe electronique au niveau du 
dispositif mobile de I'utilisateur (220) ; 
extraire le nouvel article de donnees chiffre de 
I'enveloppe electronique ; et 
dechiffrer le nouvel article de donnees chiffre 
pour recuperer le nouvel article de donnees en 
utilisant un algorithme de chiffrement et une cle 
de dechiffrement ; 

caracterise par les etapes consistant a : 

generer la cle de chiffrement au niveau d'un sys- 
teme informatique (202) ayant une liaison de 
communications securisee avec le dispositif 
mobile (220) ; 

transferer la cle de chiffrement du systeme in- 
formatique (202) au systeme hote redirecteur 
(240) en utilisant un transfert de message 
securise ; 

generer la cle de dechiffrement au niveau du 
systeme informatique (202) ; et 
transferer la cle de dechiffrement du systeme 
informatique (202) au dispositif mobile (220) en 
utilisant la liaison de communications securisee. 

2. Precede selon la revendication 1, comprenant en 
outre I'etape consistant a : 

stacker le nouvel article de donnees dans une 
boTte de reception d'utilisateur couplee au sys- 
teme hote de messagerie (230). 



3. Precede selon la revendication 1 , dans lequel I'etape 
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de detection comprend les etapes consistant a : 

determiner si un nouvel article de donnees aete 
recu au niveau du systeme hote de messagerie 
(230) pour un utilisateur particulier ; et 
verifier un fichier de transfert couple au systeme 
hote de messagerie (230) pour determiner si les 
articles de donnees de I'utilisateur particulier 
doivent etre rediriges vers le systeme hote re- 
directeur (240). 

Precede selon la revendication 3, dans lequel le fi- 
chier de transfert comprend une listed'adresses sys- 
teme ou les articles de donnees de I'utilisateur doi- 
vent etre transferes par le systeme hote de messa- 
gerie (230). 

Procede selon la revendication 1, comprenant en 
outre les etapes consistant a : 

fournir une boTte de reception a I'utilisateur, la 
boTte de reception etant couplee au systeme ho- 
te de messagerie (230) ; et 
transferer une copie du nouvel article de don- 
nees a la boTte de reception de I'utilisateur sur 
le systeme hote de messagerie (230). 



9. Procede selon la revendication 1 , dans lequel I'etape 
de transfert de la cle de dechiffrement comprend : 

renvoi de la cle de dechiffrement au dispositif 
5 mobile (220) sur une connexion serie (203) entre 

le systeme informatique (202) et le dispositif mo- 
bile (220). 

10. Procede selon la revendication 1, comprenant en 
10 outre les etapes consistant a : 

generer une cle privee devant etre utilisee com- 
me cle de dechiffrement au niveau du systeme 
informatique (202) ; 

is transferer la cle privee du systeme informatique 

(202) au dispositif mobile (220) en utilisant la 
liaison de communications securisee ; 
generer une cle publique devant etre utilisee 
comme cle de chiff rement au niveau du systeme 

20 informatique (202) ; et 

transferer la cle publique du systeme informati- 
que (202) a un referentiel de cles publiques 
(205). 

25 11. Precede selon la revendication 10, comprenant en 
outre I'etape consistant a : 



6. Procede selon la revendication 1, comprenant en 
outre les etapes consistant a : 

configurer un ensemble de regies de filtrage 
pour I'utilisation par le systeme hote redirecteur 
(240) en determinant si le nouvel article de don- 
nees doit etre redirige vers le dispositif mobile 
de I'utilisateur (220) ; et 
fournir un mecanisme d'acces qui permet a I'uti- 
lisateur de configurer et de reconfigurer a dis- 
tance I'ensemble de regies de filtrage. 

7. Procede selon la revendication 1, comprenant en 
outre les etapes consistant a : 

configurer une base de donnees de profils d'uti- 
lisateurpour I'utilisation par le systeme hote re- 
directeur (240) en determinant si le nouvel arti- 
cle de donnees doit etre redirige vers le dispositif 
de donnees mobile de I'utilisateur (220) ; et 
fournir un mecanisme d'acces qui permet a un 
administrateur systeme du systeme hote de 
messagerie (230) de configurer et de reconfigu- 
rer a distance la base de donnees de profils d'uti- 
lisateur. 

8. Procede selon la revendication 1, comprenant en 
outre I'etape consistant a: 

stocker le nouvel article de donnees dans une 
memoire du dispositif mobile (220). 



transferer la cle publique du systeme informati- 
que (202) au systeme hote redirecteur (240). 

12. Procede selon la revendication 1, comprenant en 
outre les etapes consistant a : 

preparer un article de donnees de reponse au 
niveau du dispositif mobile (220) qui est lie au 
nouvel article de donnees ; 
chiffrer I'article de donnees de reponse au ni- 
veau du dispositif mobile (220) pour former un 
article de donnees de reponse chiffre ; et 
envelopper I'article de donnees de reponse chif- 
fre dans une enveloppe electronique et trans- 
mettre i'enveioppe electronique au systeme ho- 
te redirecteur (240). 

13. Procede selon la revendication 12, dans lequel I'en- 
veioppe electronique contenant I'article de donnees 
de reponse chiffre est adressee en utilisant une 
adresse electronique du systeme hote redirecteur 
(240). 

14. Procede selon la revendication 13, comprenant en 
outre les etapes consistant a : 

extraire I'article de donnees de reponse chiffre 
de I'enveioppe electronique au niveau du sys- 
teme hote redirecteur (240) ; 
dechiffrer I'article de donnees de reponse chif- 
fre, extrait pour recuperer I'article de donnees 
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de 

reconfigure!- I'information d'adressage associee 
a I'article de donnees de reponse ; et 
transmettre I'article de donnees de reponse re- 
configure au systeme note de messagerie (230). 

15. Procede selon la revendication 14, comprenant en 
outre les etapes consistant a : 

recevoir I'article de donnees de reponse recon- 
figure au niveau du systeme note de messagerie 
(230) ; et 

stocker I'article de donnees de reponse dans 
une boTte de reception d'utilisateur couplee au 
systeme hote de messagerie (230). 

16. Procede selon la revendication 13, comprenant en 
outre les etapes consistant a : 



extraire I'article de donnees de reponse chiffre 
de I'enveloppe electronique au niveau du sys- 
teme hote redirecteur (240) ; 
dechiffrer I'article de donnees de reponse chif- 
fre, extrait pour recuperer I'article de donnees 
de reponse ; 

reconfigurer I'information d'adressage associee 
a I'article de donnees de reponse ; et 
transmettre I'article de donnees de reponse re- 
configure a un systeme de destination en utili- 
sant une adresse electronique incluse dans I'ar- 
ticle de donnees de reponse. 

17. Procede selon la revendication 1, comprenant en 
outre les etapes consistant a : 

fournir au dispositif mobile de I'utilisateur (220) 
une interface a un reseau de donnees sans fil 
(222) ; 

transferer I'enveloppe electronique du systeme 
hote redirecteur (240) a un systeme de passe- 
relle sans fil (260) ; et 

transmettre i'enveioppe electronique du syste- 
me de passerelle sans fil (260) au dispositif mo- 
bile de I'utilisateur (220) en utilisant le reseau 
de donnees sans fil (222). 



de determination comprend les etapes consistant a : 



e base de donnees de profils d'uti- 
lisateur incluant une liste d'utilisateurs 
5 autorises ; et 

verifier si I'utilisateur associe au nouvel article 
de donnees est un utilisateur autorise pour de- 
terminer si le nouvel article de donnees doit etre 
redirige vers le dispositif mobile de I'utilisateur 
10 (220). 

20. Procede selon la revendication 1 , dans lequel I'etape 
de determination comprend les etapes consistant a : 

is acceder a une base de donnees de regies de 

filtrage incluant une liste de filtres a appliquer a 
des articles de donnees pour un utilisateur 
particulier ; et 

appliquer les filtres au nouvel article de donnees 
20 pour determiner si le nouvel article de donnees 

doit etre redirige vers le dispositif mobile de I'uti- 
lisateur (220). 

21 . Procede selon la revendication 1 , dans lequel I'etape 
25 d'enveloppement comprend I'etape consistant a 

adresser I'enveloppe electronique en utilisant 
I'adresse electronique du dispositif mobile de I'utili- 
sateur (220). 

30 22. Procede selon la revendication 1, dans lequel les 
articles de donnees sont des messages de courrier 
electronique, et dans lequel le systeme hote de mes- 
sagerie (230) est un systeme hote de courrier elec- 
tronique. 
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18. Procede si 
outre les el 



23. Procede selon la revendication 1 , dans lequel le dis- 
positif mobile de I'utilisateur (220) est un ordinateur 
portable. 

24. Procede selon la revendication 1 , dans lequel le dis- 
positif mobile de I'utilisateur (220) est un ordinateur 
de radiomessagerie bidirectionneiie. 

25. Procede selon la revendication 24, dans lequel I'or- 
dinateur de radiomessagerie bidirectionneiie com- 
prend une interface reseau sans fil pourcommuni- 
quer avec le systeme hote redirecteur (240) via un 
reseau de donnees sans fil (222). 



transmettre un message de deactivation de 
I'utilisateur au systeme hote redirecteur (240) ; 
et 

a la reception du message de deactivation, em- 
pecher la redirection d'articles de donnees pour 
I'utilisateur envoyant le message de desactiva- 



1 9. Procede selon la revendication 1 , dans lequel I'etape 



26. Procede selon la revendication 25, dans lequel le 
systeme hote redirecteur (240) est couple au reseau 
de donnees sans fil (222) via un systeme de passe- 
relle sans fil (260). 

27. Procede selon la revendication 26, dans lequel I'en- 
veloppe electronique est adressee en utilisant 
I'adresse de reseau de donnees sans fil de I'ordina- 
teur de radiomessagerie bidirectionneiie. 
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28. Precede selon la revendication 1 , dans lequel le sys- 
teme note de messagerie (230) est un fournisseur 
de services Internet. 

29. Precede selon la revendication 28, dans lequel les 5 
articles de donnees sont des messages de courrier 
electronique, et dans lequel le fournisseur de servi- 
ces Internet comprend un programme deserveurde 
courrier. 

10 

30. Precede selon la revendication 29, dans lequel le 
fournisseur de services Internet comprend en outre 
une base de donnees de transfert couplee au pro- 
gramme de serveur de courrier pour detecter si un 
nouvel article de donnees recu au niveau du serveur is 
de courrier doit etre transfere a un systeme hote re- 
directeur (240), et pour determiner I'adresse electro- 
nique de ce systeme hote redirecteur (240). 

31. Precede selon la revendication 1 , dans lequel lesys- 20 
teme hote de messagerie (230) et le systeme hote 
redirecteur (240) sont couples via Internet (218). 

32. Precede selon la revendication 1 , dans lequel le sys- 
teme hote redirecteur (240) comprend un autre sys- 25 
teme hote de messagerie. 

33. Precede selon la revendication 1 , dans lequel le sys- 
teme hote redirecteur (240) est incorpore au syste- 
me hote de messagerie. 30 

34. Precede selon la revendication 6, dans lequel le me- 
canisme d'acces pour configurer et reconfigurer a 
distance les regies de filtrage est une interface de 
page web. 35 

35. Precede selon la revendication 7, dans lequel le me- 
canisme d'acces pour configurer et reconfigurer a 
distance la base de donnees de profils d'utilisateur 

est une interface de page web. 40 

36. Precede seion ia revendication 1, comprenant en 
outre les etapes consistant a : 



37. Precede selon la revendication 36, comprenant en 
outre I'etape consistant a : 

stocker, dans la base de donnees de profils d'uti- 
lisateur, des informations concernant le type et 
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la configuration du dispositif mobile de I'utilisa- 
teur (220). 

38. Precede selon la revendication 1 , dans lequel I'etape 
d'enveloppement comprend en outre les etapes con- 
sistant a : 

convertir le nouvel article de donnees chiffre en 
un format compresse ; et 
placer le nouvel article de donnees compresse 
dans une enveloppe electronique qui est adres- 
see en utilisant I'adresse electronique du dispo- 
sitif mobile de I'utilisateur (220). 

39. Systeme pour rediriger des articles de donnees d'un 
systeme hote de messagerie (230) a un dispositif 
mobile d'utilisateur (220), comprenant 

des moyens pour detecter un nouvel article de 
donnees pour I'utilisateur au niveau du systeme 
hote de messagerie (230) ; 
des moyens pourtransferer une copie du nouvel 
article de donnees a un systeme hote redirec- 
teur (240) ; 

des moyens pour determiner si le nouvel article 
de donnees doit etre redirige du systeme hote 
redirecteur (240) au dispositif mobile de I'utilisa- 
teur (220) et, si le nouvel article de donnees doit 
etre redirige, pour activer : 

des moyens pour chiffrer le nouvel article 
de donnees pour former un nouvel article 
de donnees chiffre en utilisant un algorith- 
me de chiffrement et une cle de 
chiffrement ; 

des moyens pour envelopper le nouvel ar- 
ticle de donnees chiffre dans une enveloppe 
electronique ; et 

des moyens pour transmettre I'enveloppe 
electronique au dispositif mobile de I'utilisa- 
teur (220) ; dans lequel le dispositif mobile 
de i'utilisateur (220) comprend : 

des moyens pour recevoir I'enveloppe 
electronique; 

des moyens pour extraire le nouvel ar- 
ticle de donnees chiffre de I'enveloppe 
electronique ; et 

des moyens pour dechiffrer le nouvel 
article de donnees chiffre pour recupe- 
rer le nouvel article de donnees en uti- 
lisant un algorithme de chiffrement et 
une cle de dechiffrement ; 

le systeme etant caracterise par : 

des moyens pour generer la cle de chiffrement 
au niveau d'un systeme informatique (202) 
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configurer une base de donnees de profils d'uti- 
lisateur pour I'utilisation par le systeme hote re- 
directeur (240) en determinant si le nouvel arti- 
cle de donnees doit etre redirige vers le dispositif 
de donnees mobile de I'utilisateur (220) ; et 
stocker, dans la base de donnees de profils d'uti- 
lisateur, I'adresse electronique du dispositif mo- 
bile de I'utilisateur (220). 
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ayant une liaison de communications securisee 
avec le dispositif mobile (220) ; 
des moyens pourtransferer la cle de chiffrement 
du systeme informatique (202) au systeme note 
redirecteur (240) en utilisant un transfert de 5 
message securise ; 

des moyens pour generer la cle de dechiffre- 
ment au niveau du systeme informatique (202) ; 
et 

des moyens pour transferer la cle de dechiffre- 10 
ment du systeme informatique (202) au dispo- 
sitif mobile (220) en utilisant la liaison de com- 
munications securisee. 

40. Systeme selon la revendication 39, dans lequel les « 
moyens pour transferer la cle de dechiffrement sont 
configures pour envoyer la cle de dechiffrement au 
dispositif mobile (220) sur une connexion serie (203) 
entre le systeme informatique (202) et le dispositif 
mobile (220). 20 

41. Systeme selon la revendication 39, comprenant en 
outre : 

des moyens pour generer une cle privee devant 25 
etre utilisee comme cle de dechiffrement au ni- 
veau du systeme informatique (202) ; 
des moyens pourtransferer la cle privee du sys- 
teme informatique (202) au dispositif mobile 
(220) en utilisant la liaison de communications 30 

des moyens pour generer une cle publique de- 
vant etre utilisee comme cle de chiffrement au 
niveau du systeme informatique (202) ; et 
des moyens pour transferer la cle publique du 35 
systeme informatique (202) a un referentiel de 
cles publiques (205). 

42. Systeme selon la revendication 41, comprenant en 
outre : 40 

des moyens pour transferer ia cie pubiique du 
systeme informatique (202) au systeme hote re- 
directeur (240). 
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